Report - osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan

Report Overview

Submitted URL
osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan
IP
2.57.138.188
ASN
#31229 Beyond.pl sp. z o.o.
Submitted
2022-11-07 22:41:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
adsnet.work	unknown	2015-06-06T18:23:15Z	2023-02-28T00:06:23Z	364 B	691 B	193.3.19.36
l.sharethis.com	4794	2012-05-21T23:59:04Z	2023-03-10T12:26:26Z	773 B	401 B	52.58.135.25
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	518 B	694 B	142.250.74.35
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.161.6.128
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	2.1 kB	123 kB	216.58.207.195
maps.googleapis.com	33876	2019-10-17T17:56:16Z	2023-03-10T14:06:43Z	451 B	56 kB	216.58.207.234
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	1.0 kB	143.204.42.165
hydrahydra.kim	unknown	2021-10-19T20:50:29Z	2023-03-02T15:53:55Z	462 B	314 B	193.3.19.36
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	5.1 kB	10 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	68 kB	34.120.237.76
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	847 B	638 B	142.250.74.174
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	519 B	694 B	142.250.74.164
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	1.4 kB	2.2 kB	142.250.74.10
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-10T05:11:37Z	819 B	73 kB	69.16.175.10
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
google-analytics.com	8401	2014-05-23T10:59:59Z	2023-03-10T12:16:35Z	369 B	21 kB	216.58.211.4
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-10T12:41:09Z	607 B	711 B	64.233.165.156
platform-api.sharethis.com	5118	2017-01-29T12:44:16Z	2023-03-10T02:22:10Z	378 B	596 B	143.204.55.6
osuszanie-mpi.pl	unknown	2019-04-25T19:48:30Z	2023-02-12T00:39:07Z	1.6 kB	19 kB	2.57.138.188
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	3.4 kB	8.9 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-07	medium	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan	Malware
2022-11-07	medium	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan	Malware
2022-11-07	medium	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	Malware
2022-11-07	medium	adsnet.work/scripts/place.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (50)

	URL	Size	First Seen	Last Seen
	osuszanie-mpi.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-07 17:21:37 Times Seen69097 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/libs/jquery.validate.min.js?ver=-b-modified-1665736703	22 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/libs/jquery.validate.min.js?ver=-b-modified-1665736703 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:50 Last Seen2023-03-11 08:41:50 Times Seen1 Hash 01826c4ebb2ca5259f044be95283c124 f314758ad9238f89a1a093d3cb20a19653e167e2 5636bd2d324529d7f580ca2c2cd2d02317b3cd7a5ddc8cdcadcb708c46cbc8ae Loading...

	maps.googleapis.com/maps/api/js?sensor=false&libraries=places&key=AIzaSyCWM_dg1PmApt9uZ99bsJ1ftUSswUB1ggI&ver=0.0.1	171 kB	2023-03-11	2023-03-11
Pretty URL maps.googleapis.com/maps/api/js?sensor=false&libraries=places&key=AIzaSyCWM_dg1PmApt9uZ99bsJ1ftUSswUB1ggI&ver=0.0.1 IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:50 Last Seen2023-03-11 08:41:50 Times Seen1 Hash a4693bc4ef358be63a81caddbe979400 3fcea5a3cac171e8d6e20cc742eae5df4a234fe9 c31fb21d00b9196f9ffdf5e841f943e6e207f5069db102009f44f734f49f51ed Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	2.2 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash a0460ec4efd5fa9e02a813f288b467a3 8c2152548b3e96821d569bbd4614fce58511f343 900f9921f36e79316e7cf38a5ef15169bd354544a0db49d9761770441da3e71d Loading...

	osuszanie-mpi.pl/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-07 17:21:37 Times Seen38205 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	osuszanie-mpi.pl/wp-content/plugins/rich-reviews/js/rich-reviews.min.js?ver=-b-modified-1665736293	2.5 kB	2023-03-07	2023-12-03
Pretty URL osuszanie-mpi.pl/wp-content/plugins/rich-reviews/js/rich-reviews.min.js?ver=-b-modified-1665736293 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:23 Last Seen2023-12-03 22:34:40 Times Seen14 Hash 74c87fd467f910f9975cbbc18c94935c 74bbb81f8d4af94f33bb27ac243cbd0d61ddfdd1 ea57885490469df338cce5af97008a058163b6251957d14df6dca947f287ecba Loading...

	adsnet.work/scripts/place.js	377 B	2023-03-08	2023-04-20
Pretty URL adsnet.work/scripts/place.js IP 193.3.19.36 ASN #50340 OOO Network of data-centers Selectel Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:36 Last Seen2023-04-20 16:46:43 Times Seen140 Hash 4435b6168b6acda2edea1c16ab2d857a eff2c42517e44a568b5011125b5cba022f27f67f dcd5ff0b5118befd94a04b7bbc750b5a7b473e39fefd81e235f79bd848916569 Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	255 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 05e2aa39d3f6f59c93e732b17a70f951 66692c69aebabe759a01a4ef0637c79a1312736d 99bdb20b20da301ee268594a955a3c79c878c06654c0b75779e8191af42c293e Loading...

	osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0-b-modified-1665743075	2.1 kB	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0-b-modified-1665743075 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-07 17:21:38 Times Seen22505 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-05
Pretty URL google-analytics.com/analytics.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-05 19:10:17 Times Seen1641 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	platform-api.sharethis.com/js/sharethis.js#product=ga	197 kB	2023-03-10	2023-03-11
Pretty URL platform-api.sharethis.com/js/sharethis.js#product=ga IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:04:21 Last Seen2023-03-11 10:56:39 Times Seen1 Hash 8b2233ba7d006f238a171183530abeba c6ffb8df8fd844294ddc5a02d626b8cc26a6b004 81f32cd7d5c3249b65d16671f85ccb6143114a3a2e6143aae8b3c632c6c94977 Loading...

	osuszanie-mpi.pl/wp-content/themes/etro/js/owl-carousel/owl.carousel.js?ver=20150315-b-modified-1665736690	30 kB	2023-03-11	2023-09-23
Pretty URL osuszanie-mpi.pl/wp-content/themes/etro/js/owl-carousel/owl.carousel.js?ver=20150315-b-modified-1665736690 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-09-23 22:27:44 Times Seen5 Hash 69787547cdd15401b78ec085627865be 58e321e42a8ad460e521e5c2e0c56854aab2744b 9d40cbd4c6570f2ca1ed7d97233cb8c2af4c3101d73d66f8fbaef90f1130a871 Loading...

	osuszanie-mpi.pl/wp-content/plugins/opallocationinfo/assets/js/markerclusterer.js?ver=1.0.1-b-modified-1665736415	19 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/plugins/opallocationinfo/assets/js/markerclusterer.js?ver=1.0.1-b-modified-1665736415 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 975b9769dec98902c9c1e1e8888635c9 11db8734f24beb190b4564fc0e9427f05450b9c6 2a90ac9677e9aefa91bc003eb40763a7cfc786456de9a259c5ee092020e3e1e6 Loading...

	osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/libs/jquery.magnific-popup.min.js?ver=1.0.1-b-modified-1665736703	21 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/libs/jquery.magnific-popup.min.js?ver=1.0.1-b-modified-1665736703 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 485d65f80d72c41db0388d4193e5b24a f3338569369c15fdaa2c28d7fb2b918c70399a47 3b45868c840059ace9cb81c68c6ea0cd2bf234b2b420bc79c74486702079bd98 Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	80 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 832027b56a57386920e172d738757b6b 4cc8d6ca092749985cca559e746652dcd4bdcad4 c3f601b73eafd9bc85f8133935516a22723e65d921c0c3c1b0acf7a8d24774d1 Loading...

	osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/jquery.fitvids.js?ver=1.0.0-b-modified-1665736362	3.3 kB	2023-03-07	2024-04-29
Pretty URL osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/jquery.fitvids.js?ver=1.0.0-b-modified-1665736362 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:55:30 Last Seen2024-04-29 11:05:18 Times Seen58 Hash 1767c957894feafe25a048090e913eaf af1bdfd1ab99e886613f1477ef1b8d7dd9eadde6 949698a4d926f9aea7caf64f57d8e09a79f5a395b55208da7a1805695454c250 Loading...

	osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0-b-modified-1665743074	3.0 kB	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0-b-modified-1665743074 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-07 08:25:22 Times Seen1763 Hash 4e544022235ced14996464116a9ed9b2 31ee19d95973124b812a22c5ff5944d5b5bf8147 4ef2d5b0ef62523af87f3e13d8061449b2ddbfce07064f26b1305084abbf18f1 Loading...

	osuszanie-mpi.pl/wp-content/themes/etro/js/rich-reviews/scripts.js?ver=1.0.0-b-modified-1665736690	922 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/themes/etro/js/rich-reviews/scripts.js?ver=1.0.0-b-modified-1665736690 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash a6f6df97876780dacd478b51781262e6 46f0b3af4176e7991b6428ddb2a5dab8cc087ed9 e7126a7a6874ce57b2b22ff5d31ce2114fe71c5f3627655d4166f1c26b53e539 Loading...

	code.jquery.com/ui/1.11.1/jquery-ui.min.js?ver=0.0.1	238 kB	2023-03-07	2024-05-02
Pretty URL code.jquery.com/ui/1.11.1/jquery-ui.min.js?ver=0.0.1 IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-02 22:17:30 Times Seen1592 Hash dfe3ecf96456f8cafc12a7f48de6b8c8 9927afbb31df93a76977a676a933b7e3696d61ba e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7 Loading...

	osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0-b-modified-1665743075	9.5 kB	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0-b-modified-1665743075 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-07 08:25:22 Times Seen1893 Hash a5451283952efd5df49466bbeace6911 dce405842471c303c3d8fd6fa3c084aa56a71029 f4e38e5ef16efe51836cf7142412b8e1aa8b73ce89afed23be0cf77dfd8e095d Loading...

	osuszanie-mpi.pl/wp-content/themes/etro/js/functions.js?ver=20150315-b-modified-1665736344	22 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/themes/etro/js/functions.js?ver=20150315-b-modified-1665736344 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash a8bed2119633d4907ff52f0c0ad58272 4d325ad64a128d50e85b2b73efab0631e8d37353 5e8a6dfd1519769d08c4a39943f3ceefd339504f30f593fe1dc0906495508cfa Loading...

	osuszanie-mpi.pl/wp-content/themes/etro/js/woocommerce.js?ver=20131022-b-modified-1665736343	6.6 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/themes/etro/js/woocommerce.js?ver=20131022-b-modified-1665736343 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash ec345283d850403ceb6a6d9d8d971ab6 9e41722458ca158c8d65c0fe38ec6cac3001039c 6f61f2cb19bf3f69640e8e2fb60536af196d7b6eeb7d168e9c811a6f7bc5e5b5 Loading...

	osuszanie-mpi.pl/wp-content/themes/etro/js/jquery.prettyPhoto.js?ver=-b-modified-1665736344	22 kB	2023-03-07	2024-04-25
Pretty URL osuszanie-mpi.pl/wp-content/themes/etro/js/jquery.prettyPhoto.js?ver=-b-modified-1665736344 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:02 Last Seen2024-04-25 08:34:08 Times Seen210 Hash 11289aa698605cab3300acef620164fc e13ff658c3f1d0b3c5caf6793816ef7eb64dce2e b649d54062bfbf69d736f62f09317785091dc9a17abffa380289f55f92f4e8db Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	334 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash eb95775cc67450ada7e2feca1b080b41 1d34a374651b858ba9460d3beca0971802278fed 6c70c5a824133449616a6c53a7b67c3fe3e2e2b1f4b06949d7d467460b3754d7 Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	152 B	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-07 17:48:30 Times Seen20119 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/scripts.js?ver=1.0.0-b-modified-1665736361	1.3 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/scripts.js?ver=1.0.0-b-modified-1665736361 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 1cc60e62edd2d1fdd9748ffcd97c4044 7c441a2cebfc1899cf33b1b81d80f93d7601b192 7f2e3f09a08c2d7e3edc4c1b14896fcc3b36964063ce4d7bab9e7831060e088d Loading...

	osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0-b-modified-1665743074	2.9 kB	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0-b-modified-1665743074 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-07 08:25:22 Times Seen14036 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	110 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 252df6cc404262f9e81bfa3eb859c55d bcb9cb5a52fea3479ba25a29e14a49396e7e403d 9220dd2e1788ac8fd73119bc6912fa8bd88e3da59d353af9e08e8c07fc36435f Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/util.js	170 kB	2023-03-08	2023-10-18
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:19 Last Seen2023-10-18 15:23:03 Times Seen16 Hash 0b9b4e5d1bc7a1ae4ca5568310adcc16 8cb5a2a559d5d30b15e5feadea686192f2474462 9c794b1db0cce54971541669b8c23bbe83b3406db2d70eecac666136e6627b93 Loading...

	osuszanie-mpi.pl/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3-b-modified-1665742992	12 kB	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3-b-modified-1665742992 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:48 Last Seen2024-05-07 15:19:58 Times Seen2077 Hash 3f3fc23f477a3849aa5677c585b2a2b4 ccf0865ebd37f76c450c7a377a86ff2448288db3 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	33 B	2023-03-11	2023-05-10
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-05-10 08:53:20 Times Seen3 Hash 9661b5bb2b7fe7ddb08817943601a383 e87a7dde81c1ddabc902e700f0fd695f8a61aec3 c04d867e0a663f1571cc336caa86570f14016279fd07dcd7bccc00c5f99e6191 Loading...

	osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0-b-modified-1665743075	1.8 kB	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0-b-modified-1665743075 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-05-07 08:25:22 Times Seen21703 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	135 B	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-07 17:48:30 Times Seen26751 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	osuszanie-mpi.pl/wp-includes/js/jquery/suggest.min.js?ver=1.1-20110113	3.0 kB	2023-03-07	2024-05-02
Pretty URL osuszanie-mpi.pl/wp-includes/js/jquery/suggest.min.js?ver=1.1-20110113 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:15 Last Seen2024-05-02 19:51:29 Times Seen300 Hash 7311075c2b411b299c94e36e2e3bab89 6ed45e67ea8623d5e2da67449ff4008ca043382a 9b7e574146adb2e34f5d1210cea786679805a648a73ac03ddab6fefaec903de3 Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	333 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 7794aa2e2ae0da18623119fe80799ab8 c664159e2f0e117f4c593730f021f6bcd61c9f8a 09298a003208f62fa0971d4d6fa8097b071930088912e1c50ed3a396f909ad4a Loading...

	unknown	0 B	2023-03-07	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 17:54:45 Times Seen37413519 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	475 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 4be366d91c2eb5bbc42e02604ec4dca8 6bc480d8a809eeca4fa44476a097ae2cf266762f 154d6643b0128cb7625c27d88569d302ade61748e91127d20973c45fa3c379be Loading...

	osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/libs/jquery.datetimepicker.full.min.js?ver=2.0.0-b-modified-1665736703	56 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/libs/jquery.datetimepicker.full.min.js?ver=2.0.0-b-modified-1665736703 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash b82030445aea6b4b3ff822ca39aaf539 360fbdf37760253f48788416c2f4f36bf175510f e027015e35fd47b15622557043c207548c1aed5499eb59c36f454ec159c0d1e5 Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	143 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 9cbdfa9f834f6d60a8fee8453396b0a3 038cc6ebe0b4d3846f0256b9a0f3e6bcf3ae5d00 d38dbeaeebb522d1db72e21dbd68fe0a7482e5bc14840c528aa5da8d76636b6a Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	294 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 37fc9686750b55d29c63298957c77a4b 2a83877d898195e2b0930e9d63aaa882f087bef3 85b6320167db2f181ce1a9ff4a78a92b54919028322d4f1a87cbe4d7d1ffd05d Loading...

	osuszanie-mpi.pl/wp-content/themes/etro/js/rich-reviews/autosize.js?ver=1.0.0-b-modified-1665736690	2.9 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/themes/etro/js/rich-reviews/autosize.js?ver=1.0.0-b-modified-1665736690 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 241e51d1e0cbfcbdced2885e70e97855 02c7f0358ca738d15c88dd34dafcd704dec70799 28f569f701c2719ec3116bbf537a923802ff1a2d5d046b85d8f4ebaeac163471 Loading...

	osuszanie-mpi.pl/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3-b-modified-1665742992	9.7 kB	2023-03-07	2024-05-07
Pretty URL osuszanie-mpi.pl/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3-b-modified-1665742992 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:47 Last Seen2024-05-07 15:19:58 Times Seen1742 Hash 490c29d6776fc430c23403fd845b34b0 817129906b7fef1011895a76f047c7693a852e21 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4 Loading...

	osuszanie-mpi.pl/wp-content/themes/etro/js/bootstrap.min.js?ver=20130402-b-modified-1665736345	37 kB	2023-03-07	2024-05-06
Pretty URL osuszanie-mpi.pl/wp-content/themes/etro/js/bootstrap.min.js?ver=20130402-b-modified-1665736345 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-05-06 22:33:39 Times Seen2882 Hash 04c84852e9937b142ac73c285b895b85 8fb8a9319055253d085edfc3bb72d20f614ec709 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64 Loading...

	osuszanie-mpi.pl/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.6.14-b-modified-1665736709	18 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/plugins/kingcomposer/assets/frontend/js/kingcomposer.min.js?ver=2.6.14-b-modified-1665736709 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash dc68191d5f97236c09d1349c6e061288 774214ee22a0c40d83a31c1360acd3d249f7ecd4 578bb136475b86b93ca9895d71a211fe951902b1b44fd14df8c6ee1cd281d664 Loading...

	osuszanie-mpi.pl/wp-content/plugins/opallocationinfo/assets/js/owl-carousel-script.js?ver=1.0.0-b-modified-1665736414	2.9 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/plugins/opallocationinfo/assets/js/owl-carousel-script.js?ver=1.0.0-b-modified-1665736414 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 7637208ea5022af3c0d43f95ff500246 b723df85be1221e99f07c620a6f485f01fd536be 40d9015a5df85b42eb8c6b1d88b6387807a08ac1f2decf508846168c65aa0fcd Loading...

	osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/	233 B	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/ IP 2.57.138.188 ASN #31229 Beyond.pl sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash 236edd039de0fa12fbd8115f76cb30d7 c0b84575a72c6cf0a0a88d6e694a3aa57443a75e d81de1d8e596d8a273d6d83d88e473372c24af2883f4a26a0faf49726f1c4ad3 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/common.js	254 kB	2023-03-08	2024-05-02
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:45 Last Seen2024-05-02 15:39:53 Times Seen17 Hash 7caaf941be566b5a0ab845ebbe6fa41c 6baa9fd462731f60d53390e8e808bca815601226 b7f6913366b53872adac07cbd9708d54830a578b5a59e6fcb600e32b340fa1bc Loading...

	osuszanie-mpi.pl/wp-content/plugins/wpopal-themer/assets/js/elevatezoom/elevatezoom-min.js?ver=-b-modified-1665743120	33 kB	2023-03-07	2024-05-05
Pretty URL osuszanie-mpi.pl/wp-content/plugins/wpopal-themer/assets/js/elevatezoom/elevatezoom-min.js?ver=-b-modified-1665743120 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:16 Last Seen2024-05-05 12:37:38 Times Seen373 Hash b8c320b245bda0ee6d6a05b1c5551a58 ff50d69e6f12a1b5c3a4409ea0aae8165c610c26 a8a4785f149e351a2d0c6873d799c80b425f0a16ba9cb945f4cf060e6eeb9b1e Loading...

	osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/schedule_frontend.js?ver=1.0.0-b-modified-1665736361	5.0 kB	2023-03-11	2023-03-11
Pretty URL osuszanie-mpi.pl/wp-content/plugins/opalschedule/assets/js/schedule_frontend.js?ver=1.0.0-b-modified-1665736361 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:41:51 Last Seen2023-03-11 08:41:51 Times Seen1 Hash a1bd7e2c9a57743cb9315b634ce79af3 e4f6767dd017581418a2d6fd0af24478b8bffd57 e19ba4c104da2a87d78957b39a8ed4b67600fffacd51b08f0c00be356de399b1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 970e05e7cf8b7abec19551cd2909d732	24 kB	2023-03-11	2023-12-29
Pretty Observations First Seen2023-03-11 08:41:51 Last Seen2023-12-29 12:10:43 Times Seen2 Hash 970e05e7cf8b7abec19551cd2909d732 09062ab58b4dae85360d7acc8ba3927df7c40959 2e20113efd2ccc2ad6afb37e6cd519b8604133b377003ceb96e30c4593b6b125 Loading...

HTTP Transactions (60)

URL IP Response Size

osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan

2.57.138.188

301 Moved Permanently

707 B

URL HTTP/1.1
osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan
IP
2.57.138.188:0
ASN
#31229 Beyond.pl sp. z o.o.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /jakie-moga-byc-przyczyny-zalan HTTP/1.1
Host: osuszanie-mpi.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 07 Nov 2022 22:41:36 GMT
server: LiteSpeed
location: https://osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan
vary: User-Agent

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4801
Expires: Tue, 08 Nov 2022 00:01:37 GMT
Date: Mon, 07 Nov 2022 22:41:36 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5411
Cache-Control: max-age=134393
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:36 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 12:01:29 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4828
Expires: Tue, 08 Nov 2022 00:02:04 GMT
Date: Mon, 07 Nov 2022 22:41:36 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: gY59R4wmpMRrDXEjM06Ps164grhGkjhs7DPi0KsmFZlNjllN/pA41C5807vTuBItBLHery5hSgQ=
x-amz-request-id: 803XYYVR9Z500MFQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 07 Nov 2022 22:11:03 GMT
age: 1833
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 22:41:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c6386a6ba0b75a6f1b9f2fe5f0b439f
d9f373dc1a184025bda0752e1774fa0ec9062df1
1c9d45a19173c624c2b4734f1206c656064d4cb44651c49b04534d8e2efe68fe

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C9D45A19173C624C2B4734F1206C656064D4CB44651C49B04534D8E2EFE68FE"
Last-Modified: Sun, 06 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21551
Expires: Tue, 08 Nov 2022 04:40:47 GMT
Date: Mon, 07 Nov 2022 22:41:36 GMT
Connection: keep-alive

osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan

2.57.138.188

301 Moved Permanently

0 B

URL HTTP/2
osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan
IP
2.57.138.188:0
ASN
#31229 Beyond.pl sp. z o.o.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /jakie-moga-byc-przyczyny-zalan HTTP/1.1
Host: osuszanie-mpi.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/
cache-control: public, max-age=2592000
expires: Wed, 07 Dec 2022 22:41:37 GMT
content-length: 0
date: Mon, 07 Nov 2022 22:41:37 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c6386a6ba0b75a6f1b9f2fe5f0b439f
d9f373dc1a184025bda0752e1774fa0ec9062df1
1c9d45a19173c624c2b4734f1206c656064d4cb44651c49b04534d8e2efe68fe

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C9D45A19173C624C2B4734F1206C656064D4CB44651C49B04534D8E2EFE68FE"
Last-Modified: Sun, 06 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Tue, 08 Nov 2022 04:40:47 GMT
Date: Mon, 07 Nov 2022 22:41:37 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6f4643306be10417c47176a6e67306f
940a13818904add9e1cacd12610f37ba1efd7bc5
67e51095b5da59b3eeda8a28c81789e69064a0a19a93347c2fcb05fd4b21e6d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1843
Cache-Control: max-age=125752
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:37 GMT
Etag: "6368caa6-1d7"
Expires: Wed, 09 Nov 2022 09:37:29 GMT
Last-Modified: Mon, 07 Nov 2022 09:06:46 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.161.6.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.6.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bo2oY5rWiOg665ERlbVCbQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7l/LcQcQs24ThXBidIsGmGnRWos=

code.jquery.com/ui/1.11.1/themes/smoothness/jquery-ui.css?ver=1.0.0

69.16.175.10

200 OK

8.1 kB

URL HTTP/2
code.jquery.com/ui/1.11.1/themes/smoothness/jquery-ui.css?ver=1.0.0
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (2363)
Size
8.1 kB (8055 bytes)
Hash
08220e9626f38b0fa2ce5723c66142f1
4eee8b89ca55866bf0de907900143e089b0de97c
1a51318542e625dbd8b1ce95330026f58e5ff229373e639afd0f05ff3be30e4d

HTTP Headers

GET /ui/1.11.1/themes/smoothness/jquery-ui.css?ver=1.0.0 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 07 Nov 2022 22:41:37 GMT
content-encoding: gzip
content-length: 8055
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-898c"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1667860897.dop067.sk1.t,1667860897.cds201.sk1.hn,1667860897.cds249.sk1.c
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.1/jquery-ui.min.js?ver=0.0.1

69.16.175.10

200 OK

64 kB

URL HTTP/2
code.jquery.com/ui/1.11.1/jquery-ui.min.js?ver=0.0.1
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32119)
Size
64 kB (63672 bytes)
Hash
e5fbced307031381060ea3e7ae921a08
eabd17e55b11a38bf25fdfba1fbe476ac2392907
f6cc06be0b6a5596e6d9ec07e548ff9492bc1984436ec1c17f69776c10db4b4c

HTTP Headers

GET /ui/1.11.1/jquery-ui.min.js?ver=0.0.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 07 Nov 2022 22:41:37 GMT
content-encoding: gzip
content-length: 63672
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-3a2ea"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1667860897.dop067.sk1.t,1667860897.cds201.sk1.hn,1667860897.cds215.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/

2.57.138.188

200 OK

16 kB

URL HTTP/2
osuszanie-mpi.pl/jakie-moga-byc-przyczyny-zalan/
IP
2.57.138.188:0
ASN
#31229 Beyond.pl sp. z o.o.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
16 kB (15724 bytes)
Hash
42c74c4d69397f11d8cb96b2ae5ef4aa
c33334e0fae1a2144ec54f598346683ac1bfec82
73ab4a6c36d3fd80f47b7b84d018b827eb7d330e9b030108d2f38a593e84d433

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /jakie-moga-byc-przyczyny-zalan/ HTTP/1.1
Host: osuszanie-mpi.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://osuszanie-mpi.pl/wp-json/>; rel="https://api.w.org/", <https://osuszanie-mpi.pl/wp-json/wp/v2/posts/14263>; rel="alternate"; type="application/json", <https://osuszanie-mpi.pl/?p=14263>; rel=shortlink
cache-control: public, max-age=2592000
expires: Wed, 07 Dec 2022 22:41:37 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Mon, 07 Nov 2022 22:41:37 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js?sensor=false&libraries=places&key=AIzaSyCWM_dg1PmApt9uZ99bsJ1ftUSswUB1ggI&ver=0.0.1

216.58.207.234

200 OK

56 kB

URL HTTP/2
maps.googleapis.com/maps/api/js?sensor=false&libraries=places&key=AIzaSyCWM_dg1PmApt9uZ99bsJ1ftUSswUB1ggI&ver=0.0.1
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2465)
Size
56 kB (55542 bytes)
Hash
fa02a379708cadbc416a06c6c29610fd
18920a3a61be71ba928cab126d2244b053917252
590cd3a0736fc86f11007ae601391761a2b120d8fd2f54148ed680852ef81a22

HTTP Headers

GET /maps/api/js?sensor=false&libraries=places&key=AIzaSyCWM_dg1PmApt9uZ99bsJ1ftUSswUB1ggI&ver=0.0.1 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Mon, 07 Nov 2022 22:41:38 GMT
expires: Mon, 07 Nov 2022 23:11:38 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55542
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8555b6cd733ff23d726c8a0b30517d0
01d1481d8912d933c70a535baa8ac9e8e006bfdd
7160d9212ba544fcbebd5043ca24001a32030f433bbc9efaa497da55a3dffd19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7160D9212BA544FCBEBD5043CA24001A32030F433BBC9EFAA497DA55A3DFFD19"
Last-Modified: Sat, 05 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21509
Expires: Tue, 08 Nov 2022 04:40:07 GMT
Date: Mon, 07 Nov 2022 22:41:38 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2

216.58.207.195

200 OK

27 kB

URL HTTP/2
fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 27116, version 1.0\012- data
Size
27 kB (27116 bytes)
Hash
13c1ac7fc8f934e169620e81471a3a54
d111242b230c54204e9ec061537869f8ce20cb53
b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed

HTTP Headers

GET /s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://osuszanie-mpi.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 15:03:06 GMT
expires: Wed, 01 Nov 2023 15:03:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:35:20 GMT
content-type: font/woff2
age: 545912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adsnet.work/scripts/place.js

193.3.19.36

200 OK

377 B

URL HTTP/1.1
adsnet.work/scripts/place.js
IP
193.3.19.36:0
ASN
#50340 OOO Network of data-centers Selectel

File type
ASCII text
Size
377 B (377 bytes)
Hash
4435b6168b6acda2edea1c16ab2d857a
eff2c42517e44a568b5011125b5cba022f27f67f
dcd5ff0b5118befd94a04b7bbc750b5a7b473e39fefd81e235f79bd848916569

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /scripts/place.js HTTP/1.1
Host: adsnet.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 22:41:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://osuszanie-mpi.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 05:42:51 GMT
expires: Fri, 03 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 406727
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Size
31 kB (31320 bytes)
Hash
3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://osuszanie-mpi.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 18:57:58 GMT
expires: Tue, 07 Nov 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 13420
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16248, version 1.0\012- data
Size
16 kB (16248 bytes)
Hash
32716a5cfa3f66cf0e1d74d60694c4ad
ba7958726a7c60abfe42b469c3ce5a7074e4b8fb
ea1b915d9a1f79eefb62e5c9c1af97e12adacc44deac97601105bdd2d2c46798

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://osuszanie-mpi.pl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 01:12:59 GMT
expires: Wed, 01 Nov 2023 01:12:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:11:29 GMT
content-type: font/woff2
age: 595719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

osuszanie-mpi.pl/wp-content/uploads/kontakt-osuszacze-mpi.jpg

2.57.138.188

301 Moved Permanently

707 B

URL HTTP/1.1
osuszanie-mpi.pl/wp-content/uploads/kontakt-osuszacze-mpi.jpg
IP
2.57.138.188:0
ASN
#31229 Beyond.pl sp. z o.o.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

HTTP Headers

GET /wp-content/uploads/kontakt-osuszacze-mpi.jpg HTTP/1.1
Host: osuszanie-mpi.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 07 Nov 2022 22:41:38 GMT
server: LiteSpeed
location: https://osuszanie-mpi.pl/wp-content/uploads/kontakt-osuszacze-mpi.jpg
vary: User-Agent

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4590
Expires: Mon, 07 Nov 2022 23:58:08 GMT
Date: Mon, 07 Nov 2022 22:41:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4590
Expires: Mon, 07 Nov 2022 23:58:08 GMT
Date: Mon, 07 Nov 2022 22:41:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4590
Expires: Mon, 07 Nov 2022 23:58:08 GMT
Date: Mon, 07 Nov 2022 22:41:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4590
Expires: Mon, 07 Nov 2022 23:58:08 GMT
Date: Mon, 07 Nov 2022 22:41:38 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10719 bytes)
Hash
b8c1ed79376a3bf9dfc9713189c36039
26ef76be8b675a4eeaf5ee428ee56d1a1181c6af
45f6891db04614dd3309e7951b90fafdac07e57e1932ebda66c852d6f9b65e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10719
x-amzn-requestid: 04634220-90c5-403b-a531-c0a984379b33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKNGK0IAMFxrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-543f03665ed83c4e63c47c7b;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9dIZZFcHMehw8L-snVwpsfBR6LTznNnMduphX2ddvZ1mQIHqWTjqQ==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:30 GMT
age: 3668
etag: "26ef76be8b675a4eeaf5ee428ee56d1a1181c6af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10781 bytes)
Hash
4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tL667rmWZPwJrD76JI5jBbUa3oEwaLZc-A5omJ8WyQMzsxDgIXsQhg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:11:08 GMT
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
age: 1830
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53771fc6-60e5-4f18-8cc7-e8411e2b99d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5325 bytes)
Hash
bcff76df653cc2141d328013181ada9e
9343a49b3846f73e34d32a6bc7569a1c67e89894
affab8aead0d38958a7232bb8a866fffdb85b243174968f6b1bea220ae0152d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53771fc6-60e5-4f18-8cc7-e8411e2b99d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5325
x-amzn-requestid: 6fe63702-6974-4a3d-82ba-9636858f1f7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1cHPxoAMFjCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b55-593b06387844528377de364d;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T5totlLjxjd4OgFCxpIYsyz3u5vgI-vJH0qvw7wQ96X_sr8PfMDbbw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:56:33 GMT
etag: "9343a49b3846f73e34d32a6bc7569a1c67e89894"
content-type: image/jpeg
age: 2705
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7772848f-5e9d-4c88-8eda-7a1da08adeda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13818 bytes)
Hash
622de189afa4ff7e67653ba9adcaebac
72ce138ed60bc1986442fafe59083f01ab4ddc28
bdc6c1f647405ab258a490c3bfc7525e958c9dcb426f6ca20fc44e77bab09707

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7772848f-5e9d-4c88-8eda-7a1da08adeda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13818
x-amzn-requestid: f1fd04bc-8568-490a-99d7-4d6be19394d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bHb6WEadIAMFSfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63660d0e-6bca016563ed708569ab88e4;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 07:13:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _cnQZ8XmnfTD_PCY2_S7XpQO5uiOBQFFCiJngf4WhjgH41x8E6Oytw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 08:56:50 GMT
age: 49488
etag: "72ce138ed60bc1986442fafe59083f01ab4ddc28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F587b13b8-778f-4c2f-afe5-87ac6c7cc3cc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10574 bytes)
Hash
43bbf037a1c11b983c19f31acaebc246
0d1275a2163b7fa43d5d96024a169f4020da2114
679c3438ef89dcf35ec907611369529b2b6306ac85fb1bbf9e3e376c6a7bb7cb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F587b13b8-778f-4c2f-afe5-87ac6c7cc3cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10574
x-amzn-requestid: 60664e42-4753-4ad3-8c40-301d6c38a2c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQALqEtjoAMF3VQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a4a-3437c3705b65514d35095250;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LNWO4z0SO2JXfrd9f2VyUjpZUsyhIr7GNPnTtsIkqec-tgpSlwo7_Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:57:00 GMT
age: 2678
etag: "0d1275a2163b7fa43d5d96024a169f4020da2114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 09:11:38 GMT
age: 48600
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d6dbaa7f1a697305cfaabdc859cdb9d3
680fa363852fb33b9b76b83d3ba5c0a4c51499cb
2ccc20d4d484d91da7e9fb07056d62a620af07b21f495be49f54e7e83c988dda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

google-analytics.com/analytics.js

216.58.211.4

200 OK

20 kB

URL HTTP/2
google-analytics.com/analytics.js
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 07 Nov 2022 21:28:13 GMT
expires: Mon, 07 Nov 2022 23:28:13 GMT
cache-control: public, max-age=7200
age: 4406
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d6dbaa7f1a697305cfaabdc859cdb9d3
680fa363852fb33b9b76b83d3ba5c0a4c51499cb
2ccc20d4d484d91da7e9fb07056d62a620af07b21f495be49f54e7e83c988dda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j98&a=865547965&t=pageview&_s=1&dl=https%3A%2F%2Fosuszanie-mpi.pl%2Fjakie-moga-byc-przyczyny-zalan%2F&ul=en-us&de=UTF-8&dt=Jakie%20mog%C4%85%20by%C4%87%20przyczyny%20zala%C5%84%3F%20%7C%20MPI%20Gda%C5%84sk&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1396177918&gjid=30309491&cid=1671493445.1667860896&tid=UA-104394203-1&_gid=1498137851.1667860896&_r=1&_slc=1&z=1118534553

142.250.74.174

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=865547965&t=pageview&_s=1&dl=https%3A%2F%2Fosuszanie-mpi.pl%2Fjakie-moga-byc-przyczyny-zalan%2F&ul=en-us&de=UTF-8&dt=Jakie%20mog%C4%85%20by%C4%87%20przyczyny%20zala%C5%84%3F%20%7C%20MPI%20Gda%C5%84sk&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1396177918&gjid=30309491&cid=1671493445.1667860896&tid=UA-104394203-1&_gid=1498137851.1667860896&_r=1&_slc=1&z=1118534553
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j98&a=865547965&t=pageview&_s=1&dl=https%3A%2F%2Fosuszanie-mpi.pl%2Fjakie-moga-byc-przyczyny-zalan%2F&ul=en-us&de=UTF-8&dt=Jakie%20mog%C4%85%20by%C4%87%20przyczyny%20zala%C5%84%3F%20%7C%20MPI%20Gda%C5%84sk&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1396177918&gjid=30309491&cid=1671493445.1667860896&tid=UA-104394203-1&_gid=1498137851.1667860896&_r=1&_slc=1&z=1118534553 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://osuszanie-mpi.pl
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://osuszanie-mpi.pl
date: Mon, 07 Nov 2022 22:41:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e60d0f756c02f4058dc70cb995ad6760
54f90a7746f4fc7f69bb81a82096e00cc8f15d55
dfa9db0ba7f7ac40c90d54b455ee57980b75226130d9c77fc2946d7d4e218acf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157927
Date: Mon, 07 Nov 2022 22:41:39 GMT
Etag: "63694aae-1d7"
Expires: Wed, 09 Nov 2022 18:33:46 GMT
Last-Modified: Mon, 07 Nov 2022 18:13:02 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vF25B9robqSOXwU3ovh6DI2W4-LRIjmsKlOZ0VFYtTgJN6o5205Jgw==
Age: 1244

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a9374206851834987bb6f42fdbde6965
1e7632ba7b83a2258cb88662d2fb2783d400dec3
854af7f8daaf516b72c709bf1c9e6ba2637431efac48d977c520440cb3b99dca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

l.sharethis.com/pview?event=pview&hostname=osuszanie-mpi.pl&location=%2Fjakie-moga-byc-przyczyny-zalan%2F&product=ga&url=https%3A%2F%2Fosuszanie-mpi.pl%2Fjakie-moga-byc-przyczyny-zalan%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Jakie%20mog%C4%85%20by%C4%87%20przyczyny%20zala%C5%84%3F%20%7C%20MPI%20Gda%C5%84sk&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en

52.58.135.25

204 No Content

0 B

URL HTTP/1.1
l.sharethis.com/pview?event=pview&hostname=osuszanie-mpi.pl&location=%2Fjakie-moga-byc-przyczyny-zalan%2F&product=ga&url=https%3A%2F%2Fosuszanie-mpi.pl%2Fjakie-moga-byc-przyczyny-zalan%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Jakie%20mog%C4%85%20by%C4%87%20przyczyny%20zala%C5%84%3F%20%7C%20MPI%20Gda%C5%84sk&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en
IP
52.58.135.25:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pview?event=pview&hostname=osuszanie-mpi.pl&location=%2Fjakie-moga-byc-przyczyny-zalan%2F&product=ga&url=https%3A%2F%2Fosuszanie-mpi.pl%2Fjakie-moga-byc-przyczyny-zalan%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Jakie%20mog%C4%85%20by%C4%87%20przyczyny%20zala%C5%84%3F%20%7C%20MPI%20Gda%C5%84sk&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://osuszanie-mpi.pl
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://osuszanie-mpi.pl
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 07 Nov 2022 22:41:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-104394203-1&cid=1671493445.1667860896&jid=1396177918&gjid=30309491&_gid=1498137851.1667860896&_u=IEBAAEAAAAAAACAAI~&z=736319931

64.233.165.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-104394203-1&cid=1671493445.1667860896&jid=1396177918&gjid=30309491&_gid=1498137851.1667860896&_u=IEBAAEAAAAAAACAAI~&z=736319931
IP
64.233.165.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-104394203-1&cid=1671493445.1667860896&jid=1396177918&gjid=30309491&_gid=1498137851.1667860896&_u=IEBAAEAAAAAAACAAI~&z=736319931 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://osuszanie-mpi.pl
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://osuszanie-mpi.pl
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 07 Nov 2022 22:41:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a9374206851834987bb6f42fdbde6965
1e7632ba7b83a2258cb88662d2fb2783d400dec3
854af7f8daaf516b72c709bf1c9e6ba2637431efac48d977c520440cb3b99dca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58ef724462e8781bbd27f0b2af154d0b
367adff260dc35adf50b3ebc3eace599272b61a3
6c090637e5d2130c067e08a7d60a6cf9e0fe1d8b1c33a743bd662cc7e70cd1ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C090637E5D2130C067E08A7D60A6CF9E0FE1D8B1C33A743BD662CC7E70CD1ED"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13239
Expires: Tue, 08 Nov 2022 02:22:18 GMT
Date: Mon, 07 Nov 2022 22:41:39 GMT
Connection: keep-alive

hydrahydra.kim/fetch.php?tracker=adsnet.work&site=aHR0cHM6Ly9vc3VzemFuaWUtbXBpLnBsL2pha2llLW1vZ2EtYnljLXByenljenlueS16YWxhbi8=

193.3.19.36

200 OK

0 B

URL HTTP/1.1
hydrahydra.kim/fetch.php?tracker=adsnet.work&site=aHR0cHM6Ly9vc3VzemFuaWUtbXBpLnBsL2pha2llLW1vZ2EtYnljLXByenljenlueS16YWxhbi8=
IP
193.3.19.36:0
ASN
#50340 OOO Network of data-centers Selectel

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fetch.php?tracker=adsnet.work&site=aHR0cHM6Ly9vc3VzemFuaWUtbXBpLnBsL2pha2llLW1vZ2EtYnljLXByenljenlueS16YWxhbi8= HTTP/1.1
Host: hydrahydra.kim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 22:41:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3549d49ec9ef3b66f2f3da1f6172ef93
54fa67ac88099ed2d4cdf7e24c8b301c7a098d0b
0af6a29f343dcbc612e18ab821ae8555975e27c363d72205366a3c5bb85b7211

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
01c1a1367e530a799bcaee7de89eefee
19d2450df87f1f3bb1c94e6e0bafbd60c7aead00
79cce6506b30bd3c699a700851db3254c2b909e559c54408b7d254b8e50003e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-104394203-1&cid=1671493445.1667860896&jid=1396177918&_u=IEBAAEAAAAAAACAAI~&z=1733447847

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-104394203-1&cid=1671493445.1667860896&jid=1396177918&_u=IEBAAEAAAAAAACAAI~&z=1733447847
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-104394203-1&cid=1671493445.1667860896&jid=1396177918&_u=IEBAAEAAAAAAACAAI~&z=1733447847 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 22:41:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-104394203-1&cid=1671493445.1667860896&jid=1396177918&_u=IEBAAEAAAAAAACAAI~&z=1733447847

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-104394203-1&cid=1671493445.1667860896&jid=1396177918&_u=IEBAAEAAAAAAACAAI~&z=1733447847
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-104394203-1&cid=1671493445.1667860896&jid=1396177918&_u=IEBAAEAAAAAAACAAI~&z=1733447847 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 22:41:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
01c1a1367e530a799bcaee7de89eefee
19d2450df87f1f3bb1c94e6e0bafbd60c7aead00
79cce6506b30bd3c699a700851db3254c2b909e559c54408b7d254b8e50003e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6e8ee97ec58f7d2991905f88bd3a463f
b87a69e7b938d01a4ac7d74ec69bffb4051695f0
1fe031e258c6a541e040de89c4ebcdfd9ddf78d391f77e858b44aef18469373d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 22:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CHeebo:100,300,400,500,700,800,900&subset=latin%2Clatin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CHeebo:100,300,400,500,700,800,900&subset=latin%2Clatin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins:300,400,500,600,700%7CHeebo:100,300,400,500,700,800,900&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Nov 2022 22:41:38 GMT
date: Mon, 07 Nov 2022 22:41:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

platform-api.sharethis.com/js/sharethis.js

143.204.55.6

200 OK

0 B

URL HTTP/2
platform-api.sharethis.com/js/sharethis.js
IP
143.204.55.6:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Mon, 07 Nov 2022 22:38:14 GMT
cache-control: max-age=600, public
etag: W/"302c5-xv+434/YRClN3FoC1ia4zCamsAQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZtgHjMDFY43bjd4ZIo3stulFkjZmmGIv8h8xqc2p5jlg0QwAkVgKbA==
age: 204
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400&subset=latin,latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400&subset=latin,latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Nov 2022 22:41:38 GMT
date: Mon, 07 Nov 2022 22:41:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&display=fallback&ver=6.0.3

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&display=fallback&ver=6.0.3
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&display=fallback&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://osuszanie-mpi.pl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Nov 2022 22:41:38 GMT
date: Mon, 07 Nov 2022 22:41:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (50)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations