detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Fri, 09 Dec 2022 13:05:38 GMT
Age: 14873
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip
92.255.104.245 301 Moved Permanently 121 B URL HTTP/1.1 krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip
IP 92.255.104.245:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 5cbe626c1f61e805eb290876b50e2735
b9da4ace4c9eba3ee71a571655dd94b8c38ad01b
8821f65778c160da52cd33cf5895be317d4b364fb25a92a4585dcab06cfdbc38
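Analyzer Verdict Alert fortinet Malware (recorded against this 301 response, whose 121 B body is an HTML document; the hashes above are therefore those of the redirect body, not of the ZIP archive)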
GET /upload/iblock/9ae/vector_vt-50ml_soft.zip HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=bHMz9hfxle08C0L4lMFt; Domain=.krikam.net; HttpOnly; Path=/; Expires=Sat, 09-Dec-2023 17:13:31 GMT
Date: Fri, 09 Dec 2022 17:13:03 GMT
Content-Type: text/html
Location: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 28
DDG-Cache-Status: HIT,MISS
Content-Length: 121
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11967
Expires: Fri, 09 Dec 2022 20:32:58 GMT
Date: Fri, 09 Dec 2022 17:13:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2890
Expires: Fri, 09 Dec 2022 18:01:41 GMT
Date: Fri, 09 Dec 2022 17:13:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d42836dc0e2e2d4a7a0e9a567283f604
fb3997901684cdb8c58a011cdeee33e5301a68f0
d0bc935f0d67f7c5aad533fc623f56a91c4a91c0fb6637a92aadb064117e6116
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0BC935F0D67F7C5AAD533FC623F56A91C4A91C0FB6637A92AADB064117E6116"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8425
Expires: Fri, 09 Dec 2022 19:33:56 GMT
Date: Fri, 09 Dec 2022 17:13:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Fmwg/sw9gCJ1lMaWP5MtpLPBivyPFkM3DF5DmHPAiWK5wREJ/9Z1Xd93qHYcsFkU6nI4e7Nv1zQ=
x-amz-request-id: 8EW3SG1SW8YHRPVG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 17:00:38 GMT
age: 773
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3c919176b1aafd1dc48e9e0744de4930
e60201b0f727ce6524527e48419e5ba6a7c1ea23
da41966b72c837fb7d60fe1267258ca892d3ccf4d14efa3939089eeb46bd66d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA41966B72C837FB7D60FE1267258CA892D3CCF4D14EFA3939089EEB46BD66D3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15512
Expires: Fri, 09 Dec 2022 21:32:03 GMT
Date: Fri, 09 Dec 2022 17:13:31 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:31 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5556
Expires: Fri, 09 Dec 2022 18:46:08 GMT
Date: Fri, 09 Dec 2022 17:13:32 GMT
Connection: keep-alive
detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Fri, 09 Dec 2022 13:05:38 GMT
Age: 14874
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 17:08:19 GMT
content-type: application/json
age: 313
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 73ce9e8b1d0bf68e58d9331578dfe852
3f3acbba803a5a7f9bbc27cb6aea618dc2a04638
f134d48e874d84cf16b84b6ad0be89825446aac4884ade5ddee70b5bcb14a05c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5535
Cache-Control: max-age=94441
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:32 GMT
Etag: "63922506-1d7"
Expires: Sat, 10 Dec 2022 19:27:33 GMT
Last-Modified: Thu, 08 Dec 2022 17:55:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5470
Cache-Control: max-age=149073
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:32 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:38:05 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 16:33:13 GMT
age: 2419
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
52.43.92.228 200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 52.43.92.228:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Fri, 09 Dec 2022 17:13:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
push.services.mozilla.com/
35.161.148.163 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.148.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nDkat2d1qOLEu4bAv0vGmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3hY7RiAny4gc4A5ma2stfCBpyy8=
krikam.net/bitrix/tools/bxready/.default/no-image.png
92.255.104.245 200 OK 1.6 kB URL HTTP/2 krikam.net/bitrix/tools/bxready/.default/no-image.png
IP 92.255.104.245:0
File type PNG image data, 85 x 85, 8-bit/color RGB, non-interlaced\012- data
Hash 77ca04a9cb8713a927865b48a74417c0
b56908bd27f20e605dde8d9186501f71f26f5393
2300a9ceb459fdd237ee8322877839743f082db5cb9ba0cb65d8a0a1deca866b
GET /bitrix/tools/bxready/.default/no-image.png HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/png
content-length: 1555
last-modified: Tue, 19 Apr 2022 14:22:48 GMT
etag: "613-5dd029c7e739c"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/images/kakaya_raciya.png
92.255.104.245 200 OK 13 kB URL HTTP/2 krikam.net/images/kakaya_raciya.png
IP 92.255.104.245:0
File type PNG image data, 260 x 270, 8-bit colormap, non-interlaced\012- data
Hash 4b4c74be952c108c6acf201853d74ba6
ba8721033d4a3f3fa7b60afbec9440fc728ab87f
7b06274cb91e3e08f07d7c81ddd24701ce6e1360d2f4ab0eaa54df465f918883
GET /images/kakaya_raciya.png HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/png
content-length: 12774
last-modified: Tue, 19 Apr 2022 14:22:52 GMT
etag: "31e6-5dd029cb7a44f"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/images/krikamnet_logo_vector_white%203.png
92.255.104.245 200 OK 32 kB URL HTTP/2 krikam.net/images/krikamnet_logo_vector_white%203.png
IP 92.255.104.245:0
File type PNG image data, 721 x 208, 8-bit/color RGBA, non-interlaced\012- data
Hash 0cc9dac858d5b7d962fa319c8b6e4636
96cf16d4cef371d9c75a5d43c20a1c1b96cba3d0
24495e7b1f2a70236940f35856541423183d9a57800f6047485bcc36a9df6c58
GET /images/krikamnet_logo_vector_white%203.png HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/png
content-length: 32398
last-modified: Thu, 08 Dec 2022 11:27:42 GMT
etag: "7e8e-5ef4f5345b934"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 44e9cfe5071adc8d8186579319c9cd89
79cbd9b827c94cd58db448accd3ed58289236238
1374e168fb9bf413edabec4a4be5ea1515c5b814fcf1164880bcf1b0d7ab835b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 17:13:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 13 Dec 2022 13:20:40 GMT
ETag: "79cbd9b827c94cd58db448accd3ed58289236238"
Last-Modified: Fri, 09 Dec 2022 13:20:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 500
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776f5f3aab6cb51d-OSL
krikam.net/bitrix/fonts/fontawesome-webfont.woff2?v=4.3.0
92.255.104.245 200 OK 57 kB URL HTTP/2 krikam.net/bitrix/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 92.255.104.245:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Malware
GET /bitrix/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/kernel_main/kernel_main_v1.css?1660820987198290
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Thu, 21 Jul 2022 18:34:17 GMT
content-length: 56780
last-modified: Tue, 19 Apr 2022 14:22:28 GMT
etag: "ddcc-5dd029b4c4c3b"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 21 Jul 2023 18:34:17 GMT
age: 12177555
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
krikam.net/images/krikamnet_logo_3x.png
92.255.104.245 200 OK 46 kB URL HTTP/2 krikam.net/images/krikamnet_logo_3x.png
IP 92.255.104.245:0
File type PNG image data, 721 x 219, 8-bit/color RGBA, non-interlaced\012- data
Hash fd21c36e772c8da4c81c646819c55f85
514908f18ffd8b7e958b888cf468202b8f5aaa8a
077c5141fc5fb9288ff5e3a83280b7a71e9a70b2fda130eb639ee762ffa7d53e
GET /images/krikamnet_logo_3x.png HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/template_39aff30e977e2c9d387d1d9ff24de638/template_39aff30e977e2c9d387d1d9ff24de638_v1.css?1660820987166659
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/png
content-length: 46344
last-modified: Thu, 08 Dec 2022 11:02:29 GMT
etag: "b508-5ef4ef91ae5e8"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/bitrix/js/ui/fonts/opensans/opensans-regular.woff
92.255.104.245 200 OK 67 kB URL HTTP/2 krikam.net/bitrix/js/ui/fonts/opensans/opensans-regular.woff
IP 92.255.104.245:0
File type Web Open Font Format, TrueType, length 67328, version 1.0\012- data
Hash 9ee27ecb1c4b98e4e52892fff5049826
7d189111693bb782c4b4a4c97c7520215672949d
3c49d5554bef01dc496ee12c0ff20b46a035fe5625fef7798ec243894cafb5d1
Analyzer Verdict Alert fortinet Malware
GET /bitrix/js/ui/fonts/opensans/opensans-regular.woff HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/kernel_main/kernel_main_v1.css?1660820987198290
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: application/font-woff
content-length: 67328
last-modified: Tue, 19 Apr 2022 14:22:30 GMT
etag: "10700-5dd029b6060e2"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/soc_icons/soc_facebook.svg
92.255.104.245 200 OK 825 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/soc_icons/soc_facebook.svg
IP 92.255.104.245:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e5c27aa9a6f10971d486e8fc12daa8b3
c53e8a7c5849374d0c49bc88eb3fe99924bec1b3
bd6bd4accbfc6cca94ef7c48701cea0fd013c9daf7180aea4da6eaf75defe866
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/soc_icons/soc_facebook.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"248-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/header_icons/pin.svg
92.255.104.245 200 OK 985 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/header_icons/pin.svg
IP 92.255.104.245:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 16fd67c9a7a084f3c571fddc8644e1d9
31da9ee8b3f9d70ee2426713138bd44ab47df5d3
16d266a2a1fd7900369fb4a853415e2de3dd92357e64b2708f8b84a65cf1b356
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/header_icons/pin.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/template_39aff30e977e2c9d387d1d9ff24de638/template_39aff30e977e2c9d387d1d9ff24de638_v1.css?1660820987166659
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"3ad-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14720, version 1.0\012- data
Hash d08c09f2f169f4a6edbcf8b8d1636cb4
5a6a45d6f98752b11ccb7c4f0f6fd7faf18ad1a7
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
GET /s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:16 GMT
expires: Sat, 09 Dec 2023 13:33:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
content-type: font/woff2
age: 13216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
142.250.74.35 200 OK 9.5 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9528, version 1.0\012- data
Hash 3f906cfda5176ad179d79169cdb3364b
87a6bdc2c81947d304e93d1886229d2dbc19185b
29b209303bcb15d1c9e55c86e19607579b755a5b2cb9388e8d4614f5185769a7
GET /s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 16:54:10 GMT
expires: Thu, 07 Dec 2023 16:54:10 GMT
cache-control: public, max-age=31536000
age: 173962
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/css/fonts/opensansbold.woff2
92.255.104.245 200 OK 24 kB URL HTTP/2 krikam.net/local/templates/market_column/css/fonts/opensansbold.woff2
IP 92.255.104.245:0
File type Web Open Font Format (Version 2), TrueType, length 24448, version 1.6554\012- data
Hash 313824e85557a721d326424b6eb63fec
9151d135da182e904fe1b568f80749d51a88df8b
8c9fba713be2ea7e35b6e266736a713c00328d61759e401890794831b6db525e
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/css/fonts/opensansbold.woff2 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/kernel_main/kernel_main_v1.css?1660820987198290
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 24 Jul 2022 04:19:48 GMT
content-length: 24448
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: "5f80-5dd029cd33ad7"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 24 Jul 2023 04:19:48 GMT
age: 11969624
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/soc_icons/soc_viber.svg
92.255.104.245 200 OK 23 kB URL HTTP/2 krikam.net/local/templates/market_column/images/icons/soc_icons/soc_viber.svg
IP 92.255.104.245:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e068dae7a54e3987f618ed3aa4347c8e
57eac251185146e020aa4a5df910c4e51b52a1e3
8702de90c6fd46a10d9c398cddc44b68ac74d9aba6a37293202ea0bbed73a1d9
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/soc_icons/soc_viber.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"826-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/css/fonts/opensans.woff2
92.255.104.245 200 OK 25 kB URL HTTP/2 krikam.net/local/templates/market_column/css/fonts/opensans.woff2
IP 92.255.104.245:0
File type Web Open Font Format (Version 2), TrueType, length 24908, version 1.6554\012- data
Hash 48aa7ad98beedc63d82925f45fd8e72c
d699b7850b233ef8c0ad83fd4e9a95b8c19c0275
2c003703a07bac02b8e42b49562a2cdb95b9b68ef4bd669b6c9c7e9919f7dbe7
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/css/fonts/opensans.woff2 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/kernel_main/kernel_main_v1.css?1660820987198290
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 20 Nov 2022 04:59:08 GMT
content-length: 24908
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: "614c-5dd029cd33ad7"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 20 Nov 2023 04:59:08 GMT
age: 1685664
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670524641328&_since=%221666204638208%22
35.241.9.150 200 OK 8.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670524641328&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (8322), with no line terminators
Hash 7124adf8e0faebbc77b775185aaf3b33
aacce2c95e9e0c77a0d356fd948b3298937ef6c3
eec0a6dea45d80964aa28968deac9c4cc4190f7aeb28205a8448304499cc9c88
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670524641328&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 8322
via: 1.1 google
date: Fri, 09 Dec 2022 16:28:23 GMT
age: 2709
last-modified: Thu, 08 Dec 2022 18:37:21 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: XLvi3vd0S9DtqDAeg/G3l2E/6gWwZNkQ8IGRgvv9tyHMbU63a8uDIHUSFLvI1fvmF+tor2aDWKs=
x-amz-request-id: 2PMQNQVP90SHNR27
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 16:48:24 GMT
age: 1508
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
krikam.net/ajax/compare.php?ajaxbuy=yes&rg=0.007700440910167083
92.255.104.245 200 OK 362 B URL HTTP/2 krikam.net/ajax/compare.php?ajaxbuy=yes&rg=0.007700440910167083
IP 92.255.104.245:0
File type HTML document, ISO-8859 text
Hash 9ab30f1b9c1ba0fdf933d6fdba75d140
421f12eb0d06cbbe53efd5311082648c309cd76e
6098269317376a3418dc92bd0784e7d7e81a1086cbd7e0919b9a78209bdf43cc
GET /ajax/compare.php?ajaxbuy=yes&rg=0.007700440910167083 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: text/html; charset=windows-1251
content-length: 362
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms: Bitrix Site Manager (a21ebe23dcd0971adf9348f7f21ba495)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=31536000, private, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
krikam.net/ajax/basket_action.php?ajaxbuy=yes&template=fixed&rg=0.5996058176143076
92.255.104.245 200 OK 937 B URL HTTP/2 krikam.net/ajax/basket_action.php?ajaxbuy=yes&template=fixed&rg=0.5996058176143076
IP 92.255.104.245:0
File type ISO-8859 text, with CRLF, LF line terminators
Hash 6ccd4031bcf9345fc34c70bf36ca5193
99e5f7bd9fe8a67ae3000e63816404dcd40c544c
405432d981827dde4bf6e6a7bc3c1293ca4f83e6ca510ea7bef9195d447ad1f9
GET /ajax/basket_action.php?ajaxbuy=yes&template=fixed&rg=0.5996058176143076 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: text/html; charset=windows-1251
content-length: 937
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms: Bitrix Site Manager (a21ebe23dcd0971adf9348f7f21ba495)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=31536000, private, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670599743978&_since=%221666279968541%22
35.241.9.150 200 OK 54 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670599743978&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (54193), with no line terminators
Hash 5a98098b5b566c76b9553c78c05f13c5
5e0979e26203a417536fffa1c89e8cb432c291a7
b15e91c5910ce29f36e280f007e5397e1f0d893e55f0cd0fc1a81d8615850cdc
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670599743978&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 54193
via: 1.1 google
date: Fri, 09 Dec 2022 16:40:34 GMT
age: 1979
last-modified: Fri, 09 Dec 2022 15:29:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn-ru.bitrix24.ru/b12183/crm/form/app.js?19335
46.235.53.69 200 OK 34 kB URL HTTP/2 cdn-ru.bitrix24.ru/b12183/crm/form/app.js?19335
IP 46.235.53.69:0
Hash e70e8bc877abc4f78de2a144cf879e8d
e0cb63bce1406f62df8255c5919cf57bc1adfd1a
f6a03ee88240425645d326c7420bd0577358607c014d28b11132c95331f1459c
GET /b12183/crm/form/app.js?19335 HTTP/1.1
Host: cdn-ru.bitrix24.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: application/javascript
x-req-id: 22MpC23hp
last-modified: Tue, 14 Dec 2021 07:34:07 GMT
etag: W/"b5a3d1a60e21ea4693be377b11c7e54a"
x-host: hotbox7
content-encoding: gzip
expires: Sun, 08 Jan 2023 17:13:33 GMT
cache-control: max-age=2592000
server-timing: t1;dur=0.022, t2;dur=0.022, t3;dur=0.000, tc1;dur=27750, tc2;dur=1750, tc3;dur=20
x-bitrix-lb: lb-ru-back-03
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22
35.241.9.150 200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1681), with no line terminators
Hash 2340af2b6492b7d56b14a1d3276a7140
2e9ac7d9cf1dda477e24841874ceac7258c9e0b8
a49e7182487992abba172f758b9ae8129931086af51f3caa29731d29d4b7ba40
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1681
via: 1.1 google
date: Fri, 09 Dec 2022 16:43:09 GMT
age: 1824
last-modified: Thu, 08 Dec 2022 16:36:42 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150 200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash fc59df2a1ddb194b9927e1bd05da82a5
54ae083c87343de5c5082cd16f6e4ec8e45769bc
cb645a2b572db86fddd92d7b4f54c55f1cb6ecada044fff5b5aea30e7df875f4
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Fri, 09 Dec 2022 17:08:20 GMT
age: 313
last-modified: Wed, 07 Dec 2022 15:06:39 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670371273925&_since=%221666483264567%22
35.241.9.150 200 OK 54 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670371273925&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (53768), with no line terminators
Hash 420d2a8a87862ec8fb8678a2ec713b1b
ad55178f6765ac90ef6e073ba30d9d5508b6ce15
f923b4f7170196fa90968f69c3e8e8c18020e643dd6f9002817742cf6651ba8d
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670371273925&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 53768
via: 1.1 google
date: Fri, 09 Dec 2022 16:57:52 GMT
age: 941
last-modified: Wed, 07 Dec 2022 00:01:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
popup-static.unisender.com/service/vendors/underscore.js
195.13.237.72 200 OK 17 kB URL HTTP/2 popup-static.unisender.com/service/vendors/underscore.js
IP 195.13.237.72:0
Hash f9d367139430c462979eb3e87e8714f0
1b70a456d55c465edaeef0a0aa4f44e91c43b58b
f86a50501f554be80df071a416a1988ff017b0e306cda0aa5fd82edb0af0ea99
GET /service/vendors/underscore.js HTTP/1.1
Host: popup-static.unisender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 27 Sep 2022 13:12:34 GMT
etag: W/"6332f6c2-3f56"
expires: Sat, 10 Dec 2022 17:13:33 GMT
cache-control: max-age=86400
content-encoding: gzip
x-robots-tag: noindex,nofollow
x-powered-by: EmailDelivery
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
popup-static.unisender.com/service/vendors/jquery.js
195.13.237.72 200 OK 50 kB URL HTTP/2 popup-static.unisender.com/service/vendors/jquery.js
IP 195.13.237.72:0
File type ASCII text, with very long lines (32021)
Hash 7c286d7f1c28a0865b3c7c48250d3422
7f5fc0ea067ddd457abd7662cfbc51b8fc41f229
263f689a6a2ee12e0fe868f6a57701d4c6287053797f47e82946de209351a9bd
GET /service/vendors/jquery.js HTTP/1.1
Host: popup-static.unisender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 27 Sep 2022 13:12:35 GMT
etag: W/"6332f6c3-14b2b"
expires: Sat, 10 Dec 2022 17:13:33 GMT
cache-control: max-age=86400
content-encoding: gzip
x-robots-tag: noindex,nofollow
x-powered-by: EmailDelivery
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash cddc487e43e7a57cb8c356a76dc23436
c7dd365fdc017625c1780bed6dcdfdfd0e3d087f
ead29bb610d6bba4d483440b80b0d6d312a380b8a2d2f72d18d4e58354261f9c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 17:13:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 13 Dec 2022 15:16:18 GMT
ETag: "c7dd365fdc017625c1780bed6dcdfdfd0e3d087f"
Last-Modified: Fri, 09 Dec 2022 15:16:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 201
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776f5f416ca8b51d-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash b73601cfb1b4caea4dffc17ca95811c9
d3bf77171c79a686e6a75f053d891da6fb380ded
c2399d937748c650471d4a7eb83e85341f932d2725689bab6b321660d31b642b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 17:13:33 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 13 Dec 2022 15:04:30 GMT
ETag: "d3bf77171c79a686e6a75f053d891da6fb380ded"
Last-Modified: Fri, 09 Dec 2022 15:04:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2353
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776f5f41b8e2b50c-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150 200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 730583ac85dd27656bad88150567d34a
c05375ce2016cc335fffbfc76974348032951545
07ef5576f95557ec9f756e4ddfba277e3308d897c86ad5bc9dcd6e8e7270fb26
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Fri, 09 Dec 2022 17:08:55 GMT
age: 278
last-modified: Mon, 05 Dec 2022 16:36:54 GMT
etag: "1670258214122"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
vk.com/js/api/openapi.js?162
87.240.132.78 200 OK 23 kB URL HTTP/2 vk.com/js/api/openapi.js?162
IP 87.240.132.78:0
File type ASCII text, with very long lines (3849)
Hash 6b56e2aa629cc5f334bba9e200af3bfe
1e99707868f45c499400d95e75348c3d7b7686f5
7cb4aa1277e9f29f5c6d21c642b7c08cfce199332e30395c20995847a0db3fab
GET /js/api/openapi.js?162 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: application/x-javascript
content-length: 23318
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
etag: "6389a5e0-5b16"
content-encoding: br
expires: Tue, 13 Dec 2022 17:13:33 GMT
cache-control: max-age=345600
x-frontend: front225207
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150 200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 53a3f7b3b704cfaf73db62670e538a5b
f92fbcd2c053cc26fe81474c19bfcf3fd94e901e
d5a8da9110e55a35fc8d1f47cd54e84ab99f26d25bd1a4325bdff8bfa76c0ac7
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Fri, 09 Dec 2022 16:38:25 GMT
age: 2108
last-modified: Mon, 05 Dec 2022 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
popup-static.unisender.com/service/vendors/raven.js
195.13.237.72 200 OK 82 kB URL HTTP/2 popup-static.unisender.com/service/vendors/raven.js
IP 195.13.237.72:0
Hash d1cca13bc0fe526e6d11cd7c7f8a623b
56668ba6f67ecaf87da14c77d7b2829da1b4c1ec
ac3d1e5e8a3d6bd2ba1da5bc481486b6838e868121aa0142bae07267f5589c00
GET /service/vendors/raven.js HTTP/1.1
Host: popup-static.unisender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 27 Sep 2022 13:12:34 GMT
etag: W/"6332f6c2-5de2"
expires: Sat, 10 Dec 2022 17:13:33 GMT
cache-control: max-age=86400
content-encoding: gzip
x-robots-tag: noindex,nofollow
x-powered-by: EmailDelivery
X-Firefox-Spdy: h2
vk.com/rtrg?p=VK-RTRG-438139-6qNQ&metatag_url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&metatag_title=%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0.
87.240.132.78 200 OK 65 B URL HTTP/2 vk.com/rtrg?p=VK-RTRG-438139-6qNQ&metatag_url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&metatag_title=%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0.
IP 87.240.132.78:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ec4341fe3a8b2c4880fbfe0ef9cde34f
a0947414eb426b2939ca1a05fc870763f6bfc63f
01229c58f8015c623259e635969b8520945e2e0de1927a1375d48ad0ce915463
GET /rtrg?p=VK-RTRG-438139-6qNQ&metatag_url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&metatag_title=%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0. HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 09 Dec 2022 17:13:34 GMT
content-type: image/gif
content-length: 65
x-powered-by: KPHP/7.4.112815
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Tue, 12 Dec 2023 03:51:16 GMT; path=/; domain=.vk.com
remixstlid=9083847603219318290_8kVC8T82ZshA1GJJpzZAlkwcGKRZA64o0xt05lShU90; expires=Sat, 09 Dec 2023 17:13:34 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front225207
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
popup.unisender.com/web/pixel/host/?vid=4621274377&client=52985&host=krikam.net
195.13.237.72 200 OK 42 B URL HTTP/2 popup.unisender.com/web/pixel/host/?vid=4621274377&client=52985&host=krikam.net
IP 195.13.237.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /web/pixel/host/?vid=4621274377&client=52985&host=krikam.net HTTP/1.1
Host: popup.unisender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:34 GMT
content-type: image/gif
content-length: 42
x-frame-options: SAMEORIGIN
vary: Cookie
set-cookie: vid=4621274377; expires=Wed, 07 Jun 2023 17:13:34 GMT; Path=/
access-control-allow-credentials: true
x-robots-tag: noindex,nofollow
x-powered-by: EmailDelivery
X-Firefox-Spdy: h2
popup-static.unisender.com/service/forms.js?v=1.27.4
195.13.237.72 200 OK 65 kB URL HTTP/2 popup-static.unisender.com/service/forms.js?v=1.27.4
IP 195.13.237.72:0
Hash 7e24bc9540d84e9e442c0a9a87ba9ae9
654e95e5a207ece9d91103d0ffce2a5c428cbe02
668374aea59fca3cdfedad09395389995992dc9f09887629d90f251a021c35e0
GET /service/forms.js?v=1.27.4 HTTP/1.1
Host: popup-static.unisender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 27 Sep 2022 13:12:35 GMT
etag: W/"6332f6c3-36e48"
expires: Sat, 10 Dec 2022 17:13:33 GMT
cache-control: max-age=86400
content-encoding: gzip
x-robots-tag: noindex,nofollow
x-powered-by: EmailDelivery
X-Firefox-Spdy: h2
popup.unisender.com/web/pixel/stats/?type=pageview&url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&vid=4621274377&client=52985&source=typein&device=pc&u_s=(direct)
195.13.237.72 200 OK 42 B URL HTTP/2 popup.unisender.com/web/pixel/stats/?type=pageview&url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&vid=4621274377&client=52985&source=typein&device=pc&u_s=(direct)
IP 195.13.237.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /web/pixel/stats/?type=pageview&url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&vid=4621274377&client=52985&source=typein&device=pc&u_s=(direct) HTTP/1.1
Host: popup.unisender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:34 GMT
content-type: image/gif
content-length: 42
x-frame-options: SAMEORIGIN
vary: Cookie
set-cookie: vid=4621274377; expires=Wed, 07 Jun 2023 17:13:34 GMT; Path=/
access-control-allow-credentials: true
x-robots-tag: noindex,nofollow
x-powered-by: EmailDelivery
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7524
Expires: Fri, 09 Dec 2022 19:18:58 GMT
Date: Fri, 09 Dec 2022 17:13:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7524
Expires: Fri, 09 Dec 2022 19:18:58 GMT
Date: Fri, 09 Dec 2022 17:13:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10609
Expires: Fri, 09 Dec 2022 20:10:23 GMT
Date: Fri, 09 Dec 2022 17:13:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10609
Expires: Fri, 09 Dec 2022 20:10:23 GMT
Date: Fri, 09 Dec 2022 17:13:34 GMT
Connection: keep-alive
mc.yandex.ru/watch/46244097?wmode=7&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy2bjvswh02szcd631p0n%3Afp%3A1394%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A173672309618%3Ahid%3A680897886%3Az%3A0%3Ai%3A20221209171333%3Aet%3A1670606013%3Ac%3A1%3Arn%3A851441072%3Arqn%3A1%3Au%3A1670606013957522201%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C494%2C19%2C442%2C0%2C%2C698%2C33%2C%2C%2C%2C1674%3Aco%3A0%3Ans%3A1670606010350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670606013%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 503 B URL HTTP/2 mc.yandex.ru/watch/46244097?wmode=7&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy2bjvswh02szcd631p0n%3Afp%3A1394%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A173672309618%3Ahid%3A680897886%3Az%3A0%3Ai%3A20221209171333%3Aet%3A1670606013%3Ac%3A1%3Arn%3A851441072%3Arqn%3A1%3Au%3A1670606013957522201%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C494%2C19%2C442%2C0%2C%2C698%2C33%2C%2C%2C%2C1674%3Aco%3A0%3Ans%3A1670606010350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670606013%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
GET /watch/46244097?wmode=7&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy2bjvswh02szcd631p0n%3Afp%3A1394%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A173672309618%3Ahid%3A680897886%3Az%3A0%3Ai%3A20221209171333%3Aet%3A1670606013%3Ac%3A1%3Arn%3A851441072%3Arqn%3A1%3Au%3A1670606013957522201%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C494%2C19%2C442%2C0%2C%2C698%2C33%2C%2C%2C%2C1674%3Aco%3A0%3Ans%3A1670606010350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670606013%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/46244097/1?wmode=7&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy2bjvswh02szcd631p0n%3Afp%3A1394%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A173672309618%3Ahid%3A680897886%3Az%3A0%3Ai%3A20221209171333%3Aet%3A1670606013%3Ac%3A1%3Arn%3A851441072%3Arqn%3A1%3Au%3A1670606013957522201%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C494%2C19%2C442%2C0%2C%2C698%2C33%2C%2C%2C%2C1674%3Aco%3A0%3Ans%3A1670606010350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670606013%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 09 Dec 2022 17:13:34 GMT
access-control-allow-origin: https://krikam.net
set-cookie: yabs-sid=1555066571670606014; Path=/; SameSite=None; Secure
i=4mZgX4ZHlkstNDt1/zMa73RRiNJsFFMJEdtVdUkAzNQHzu5MyE1GHhnA4fc6CpQaf7Zow6wQrlSDclyRQ8i6L5Xq7P4=; Expires=Mon, 06-Dec-2032 17:13:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5115084771670606014; Expires=Sat, 09-Dec-2023 17:13:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5115084771670606014; Expires=Sat, 09-Dec-2023 17:13:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702142014.yc.1670606014#1702142014.yrts.1670606014#1702142014.yrtsi.1670606014; Expires=Sat, 09-Dec-2023 17:13:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 17:13:34 GMT
last-modified: Fri, 09-Dec-2022 17:13:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 69730
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 35975
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:33:36 GMT
age: 16798
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 36019
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 23:37:39 GMT
age: 63355
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 48908
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bitrix.info/bx_stat
52.209.225.49 200 OK 31 kB IP 52.209.225.49:0
Hash 08be0596f86a8e0f79c1d2400da14830
61d656a322c6c6025b14ae4299fdcb42f2045ab9
6cb97f36bc13b626dd6e704f0ef667ac08025d6f8033f82696ce3c555e598214
POST /bx_stat HTTP/1.1
Host: bitrix.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 334
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Cookie: bx_user_id=fc4e189e1569d60616ed815c237ed9f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 17:13:34 GMT
content-type: application/javascript
server: nginx/1.10.1
etag: fc4e189e1569d60616ed815c237ed9f1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: bx_user_id=fc4e189e1569d60616ed815c237ed9f1; expires=Mon, 06-Dec-32 17:13:34 GMT; path=/; domain=bitrix.info; SameSite=None; Secure
access-control-allow-origin: https://krikam.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 17:13:34 GMT
access-control-allow-origin: *
etag: "6392ed22-2b"
expires: Fri, 09 Dec 2022 18:13:34 GMT
accept-ranges: bytes
last-modified: Fri, 09 Dec 2022 11:09:06 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/46244097/1?wmode=7&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy2bjvswh02szcd631p0n%3Afp%3A1394%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A173672309618%3Ahid%3A680897886%3Az%3A0%3Ai%3A20221209171333%3Aet%3A1670606013%3Ac%3A1%3Arn%3A851441072%3Arqn%3A1%3Au%3A1670606013957522201%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C494%2C19%2C442%2C0%2C%2C698%2C33%2C%2C%2C%2C1674%3Aco%3A0%3Ans%3A1670606010350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670606013%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
93.158.134.119 200 OK 878 B URL HTTP/2 mc.yandex.ru/watch/46244097/1?wmode=7&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy2bjvswh02szcd631p0n%3Afp%3A1394%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A173672309618%3Ahid%3A680897886%3Az%3A0%3Ai%3A20221209171333%3Aet%3A1670606013%3Ac%3A1%3Arn%3A851441072%3Arqn%3A1%3Au%3A1670606013957522201%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C494%2C19%2C442%2C0%2C%2C698%2C33%2C%2C%2C%2C1674%3Aco%3A0%3Ans%3A1670606010350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670606013%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (878), with no line terminators
Hash 82c1bd5718c5c0bd05944acd5071f613
c99458943079189cb9fed3c654956e2d28a58e21
9a04fb2b88b8a5c9e1bd69de884b6c19eec3ea3ef5894f0a00ea270d9f4e5948
GET /watch/46244097/1?wmode=7&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy2bjvswh02szcd631p0n%3Afp%3A1394%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A173672309618%3Ahid%3A680897886%3Az%3A0%3Ai%3A20221209171333%3Aet%3A1670606013%3Ac%3A1%3Arn%3A851441072%3Arqn%3A1%3Au%3A1670606013957522201%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C494%2C19%2C442%2C0%2C%2C698%2C33%2C%2C%2C%2C1674%3Aco%3A0%3Ans%3A1670606010350%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670606013%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404.%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://krikam.net
Referer: https://krikam.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 878
date: Fri, 09 Dec 2022 17:13:34 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://krikam.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 17:13:34 GMT
last-modified: Fri, 09-Dec-2022 17:13:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-107278303-4&cid=1610648988.1670606013&jid=3435634&gjid=1265246376&_gid=1472282837.1670606013&_u=YEBAAEAAAAAAACAAI~&z=91768408
173.194.222.156 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-107278303-4&cid=1610648988.1670606013&jid=3435634&gjid=1265246376&_gid=1472282837.1670606013&_u=YEBAAEAAAAAAACAAI~&z=91768408
IP 173.194.222.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-107278303-4&cid=1610648988.1670606013&jid=3435634&gjid=1265246376&_gid=1472282837.1670606013&_u=YEBAAEAAAAAAACAAI~&z=91768408 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://krikam.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 17:13:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107278303-4&cid=1610648988.1670606013&jid=3435634&_u=YEBAAEAAAAAAACAAI~&z=1872124433
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107278303-4&cid=1610648988.1670606013&jid=3435634&_u=YEBAAEAAAAAAACAAI~&z=1872124433
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107278303-4&cid=1610648988.1670606013&jid=3435634&_u=YEBAAEAAAAAAACAAI~&z=1872124433 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:13:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107278303-4&cid=1610648988.1670606013&jid=3435634&_u=YEBAAEAAAAAAACAAI~&z=1872124433
142.250.74.67 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107278303-4&cid=1610648988.1670606013&jid=3435634&_u=YEBAAEAAAAAAACAAI~&z=1872124433
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107278303-4&cid=1610648988.1670606013&jid=3435634&_u=YEBAAEAAAAAAACAAI~&z=1872124433 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 17:13:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 17:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash dc5bc63fd2c03bd3cf883f968003657d
4adfe46f3d88516e0edce9297b597f8eb34788cd
301d321653d1acc808ac5a854af94d14445ef86737da21192309035634492d32
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 17:13:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 21:59:23 GMT
Expires: Fri, 09 Dec 2022 21:59:23 GMT
ETag: "4adfe46f3d88516e0edce9297b597f8eb34788cd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
mc.yandex.ru/webvisor/46244097?wmode=0&wv-part=1&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=848143471&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670606017%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171336%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606017&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/46244097?wmode=0&wv-part=1&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=848143471&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670606017%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171336%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606017&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/46244097?wmode=0&wv-part=1&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=848143471&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670606017%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171336%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606017&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 223588
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 17:13:37 GMT
access-control-allow-origin: https://krikam.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 17:13:37 GMT
last-modified: Fri, 09-Dec-2022 17:13:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/46244097?wmode=0&wv-part=1&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=239751233&wv-type=3&browser-info=we%3A1%3Aet%3A1670606017%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171337%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606017&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/46244097?wmode=0&wv-part=1&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=239751233&wv-type=3&browser-info=we%3A1%3Aet%3A1670606017%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171337%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606017&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/46244097?wmode=0&wv-part=1&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=239751233&wv-type=3&browser-info=we%3A1%3Aet%3A1670606017%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171337%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606017&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 17:13:38 GMT
access-control-allow-origin: https://krikam.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 17:13:38 GMT
last-modified: Fri, 09-Dec-2022 17:13:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/46244097?wv-check=25552&wv-type=0&wmode=0&wv-part=1&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=204590936&browser-info=we%3A1%3Aet%3A1670606018%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171338%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606018&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/46244097?wv-check=25552&wv-type=0&wmode=0&wv-part=1&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=204590936&browser-info=we%3A1%3Aet%3A1670606018%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171338%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606018&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/46244097?wv-check=25552&wv-type=0&wmode=0&wv-part=1&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=204590936&browser-info=we%3A1%3Aet%3A1670606018%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171338%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606018&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 17:13:39 GMT
access-control-allow-origin: https://krikam.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 17:13:39 GMT
last-modified: Fri, 09-Dec-2022 17:13:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/46244097?wmode=0&wv-part=2&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=338959802&wv-type=3&browser-info=we%3A1%3Aet%3A1670606018%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171338%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606018&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/46244097?wmode=0&wv-part=2&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=338959802&wv-type=3&browser-info=we%3A1%3Aet%3A1670606018%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171338%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606018&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/46244097?wmode=0&wv-part=2&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=338959802&wv-type=3&browser-info=we%3A1%3Aet%3A1670606018%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171338%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606018&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 17:13:39 GMT
access-control-allow-origin: https://krikam.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 17:13:39 GMT
last-modified: Fri, 09-Dec-2022 17:13:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/46244097?wmode=0&wv-part=2&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=799005293&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670606018%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171338%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606018&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/46244097?wmode=0&wv-part=2&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=799005293&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670606018%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171338%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606018&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/46244097?wmode=0&wv-part=2&wv-hit=680897886&page-url=https%3A%2F%2Fkrikam.net%2Fupload%2Fiblock%2F9ae%2Fvector_vt-50ml_soft.zip%2F&rn=799005293&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670606018%3Aw%3A1268x939%3Av%3A942%3Az%3A0%3Ai%3A20221209171338%3Au%3A1670606013957522201%3Avf%3Awy2bjvswh02szcd631p0n%3Ast%3A1670606018&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 17:13:39 GMT
access-control-allow-origin: https://krikam.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 17:13:39 GMT
last-modified: Fri, 09-Dec-2022 17:13:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
krikam.net/bitrix/js/main/core/core.js?1661440339564311
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/bitrix/js/main/core/core.js?1661440339564311
IP 92.255.104.245:0
GET /bitrix/js/main/core/core.js?1661440339564311 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 25 Aug 2022 15:12:19 GMT
etag: W/"89c57-5e7123938bac0-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip
92.255.104.245 301 Moved Permanently 0 B URL HTTP/2 krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip
IP 92.255.104.245:0
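Analyzer Verdict Alert fortinet Malware [Note: this entry records only a 301 redirect with a 0 B body and lists no file hash; the mc.yandex.ru/watch request for the redirect target carries a `t:` value that decodes to "Ошибка 404. Страница не найдена." (Error 404. Page not found.), which suggests the archive itself was not retrieved in this session. The same verdict is attached to this host's CSS and SVG requests, so it appears to be a URL/host-level classification rather than a detection on captured content.]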
GET /upload/iblock/9ae/vector_vt-50ml_soft.zip HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: ddos-guard
set-cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; Domain=.krikam.net; HttpOnly; Path=/; Expires=Sat, 09-Dec-2023 17:13:31 GMT
date: Fri, 09 Dec 2022 16:55:14 GMT
content-type: text/html; charset=iso-8859-1
location: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 16:55:14 GMT
age: 1097
ddg-cache-status: HIT,MISS
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 0 B URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:31 GMT
content-type: application/json
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: WrGmfvWK-2-UWJd1Cbq4XI2mFupVvV2j1O_6xxgbekfSX1qjwUIJRA==
age: 80
content-encoding: gzip
via: 1.1 1f8eeeb66cf69eb3f901d42ffcb25050.cloudfront.net (CloudFront), 1.1 google
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
krikam.net/bitrix/js/main/popup/dist/main.popup.bundle.css?165693472626345
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/bitrix/js/main/popup/dist/main.popup.bundle.css?165693472626345
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /bitrix/js/main/popup/dist/main.popup.bundle.css?165693472626345 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 11:38:46 GMT
etag: W/"66e9-5e2f92dc70562-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/i-telephona.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/i-telephona.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/i-telephona.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"5e4-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/money_icons/$_mastercard.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/money_icons/$_mastercard.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/money_icons/$_mastercard.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"bb3-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/soc_icons/soc_telegram.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/soc_icons/soc_telegram.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/soc_icons/soc_telegram.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"414-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-ru.bitrix24.ru/b12183/crm/form/loader_16.js?9281144
46.235.53.69 200 OK 0 B URL HTTP/2 cdn-ru.bitrix24.ru/b12183/crm/form/loader_16.js?9281144
IP 46.235.53.69:0
GET /b12183/crm/form/loader_16.js?9281144 HTTP/1.1
Host: cdn-ru.bitrix24.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:34 GMT
content-type: application/javascript
x-req-id: 4gHmGbfT
last-modified: Tue, 14 Dec 2021 07:36:06 GMT
etag: W/"e944078d08d3bbc2adbedb4ac5b4c757"
x-host: hb-front9
content-encoding: gzip
expires: Sun, 08 Jan 2023 17:13:34 GMT
cache-control: max-age=2592000
server-timing: t1;dur=0.037, t2;dur=0.037, t3;dur=0.000, tc1;dur=37625, tc2;dur=6750, tc3;dur=20
x-bitrix-lb: lb-ru-back-03
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/money_icons/$_yandex_dengi_icon.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/money_icons/$_yandex_dengi_icon.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/money_icons/$_yandex_dengi_icon.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"2d4-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/money_icons/$_qiwi.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/money_icons/$_qiwi.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/money_icons/$_qiwi.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"917-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/bitrix/cache/js/s1/market_column/template_a6adb5d7e635a68e581fda90c4a73544/template_a6adb5d7e635a68e581fda90c4a73544_v1.js?1660820987476823
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/bitrix/cache/js/s1/market_column/template_a6adb5d7e635a68e581fda90c4a73544/template_a6adb5d7e635a68e581fda90c4a73544_v1.js?1660820987476823
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /bitrix/cache/js/s1/market_column/template_a6adb5d7e635a68e581fda90c4a73544/template_a6adb5d7e635a68e581fda90c4a73544_v1.js?1660820987476823 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 18 Aug 2022 11:09:47 GMT
etag: W/"74697-5e68204ff8e8d-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/load/gtm.js?id=GTM-K322PSC
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/load/gtm.js?id=GTM-K322PSC
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /load/gtm.js?id=GTM-K322PSC HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 19 Apr 2022 14:22:52 GMT
etag: W/"1d1a9-5dd029cb830ef-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:33 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
popup.unisender.com/web/init/52985/
195.13.237.88 200 OK 0 B URL HTTP/2 popup.unisender.com/web/init/52985/
IP 195.13.237.88:0
GET /web/init/52985/ HTTP/1.1
Host: popup.unisender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://krikam.net
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:34 GMT
content-type: application/json
x-frame-options: SAMEORIGIN
vary: Cookie
set-cookie: vid=4621274377; expires=Wed, 07 Jun 2023 17:13:34 GMT; Path=/
access-control-allow-credentials: true
content-encoding: gzip
x-robots-tag: noindex,nofollow
access-control-allow-origin: https://krikam.net
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: Authorization, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Content-Range, Range, Origin, Accept, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Language, Captcha, X-BEE-Authorization
access-control-max-age: 600
x-powered-by: EmailDelivery
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/soc_icons/soc_instagram.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/soc_icons/soc_instagram.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/soc_icons/soc_instagram.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"4b6-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
baltway.bitrix24.ru/bitrix/js/crm/site/form/dist/app.bundle.min.js?19335
46.235.53.69 200 OK 0 B URL HTTP/2 baltway.bitrix24.ru/bitrix/js/crm/site/form/dist/app.bundle.min.js?19335
IP 46.235.53.69:0
GET /bitrix/js/crm/site/form/dist/app.bundle.min.js?19335 HTTP/1.1
Host: baltway.bitrix24.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: application/x-javascript
last-modified: Mon, 03 Oct 2022 13:38:40 GMT
etag: W/"633ae5e0-47ab5"
expires: Sat, 07 Jan 2023 01:20:49 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
server-timing: t1;dur=0.000, t2;dur=, t3;dur=, tc1;dur=31000, tc2;dur=7500, tc3;dur=21
x-bitrix-ri: 124f11b6bf6233104c3f294c5004ead7
x-bitrix-lb: lb-ru-back-03
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/money_icons/$_mir-logo.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/money_icons/$_mir-logo.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/money_icons/$_mir-logo.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"4fc-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-ru.bitrix24.ru/b12183/crm/site_button/loader_6_8dmsef.js?27843433
46.235.53.69 200 OK 0 B URL HTTP/2 cdn-ru.bitrix24.ru/b12183/crm/site_button/loader_6_8dmsef.js?27843433
IP 46.235.53.69:0
GET /b12183/crm/site_button/loader_6_8dmsef.js?27843433 HTTP/1.1
Host: cdn-ru.bitrix24.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:33 GMT
content-type: application/javascript
x-req-id: 388LNRRoj
last-modified: Thu, 13 Oct 2022 19:52:01 GMT
etag: W/"c330df40453c09a2b8882af2424797d8"
x-host: hb-front16
content-encoding: gzip
expires: Sun, 11 Dec 2022 17:13:33 GMT
cache-control: max-age=172800
server-timing: t1;dur=0.000, t2;dur=, t3;dur=, tc1;dur=27375, tc2;dur=4000, tc3;dur=20
x-bitrix-lb: lb-ru-back-03
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/header_icons/call.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/header_icons/call.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/header_icons/call.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/template_39aff30e977e2c9d387d1d9ff24de638/template_39aff30e977e2c9d387d1d9ff24de638_v1.css?1660820987166659
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"7c6-5dd029cd3b7d8"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
cdn-ru.bitrix24.ru/b12183/crm/form/loader_14.js?9281144
46.235.53.69 200 OK 0 B URL HTTP/2 cdn-ru.bitrix24.ru/b12183/crm/form/loader_14.js?9281144
IP 46.235.53.69:0
GET /b12183/crm/form/loader_14.js?9281144 HTTP/1.1
Host: cdn-ru.bitrix24.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:34 GMT
content-type: application/javascript
x-req-id: 2T37JZEaC
last-modified: Tue, 14 Dec 2021 07:35:30 GMT
etag: W/"47de9cfd4eca47556484717961b9517b"
x-host: hb-front15
content-encoding: gzip
expires: Sun, 08 Jan 2023 17:13:34 GMT
cache-control: max-age=2592000
server-timing: t1;dur=0.033, t2;dur=0.033, t3;dur=0.000, tc1;dur=37625, tc2;dur=6750, tc3;dur=23
x-bitrix-lb: lb-ru-back-03
X-Firefox-Spdy: h2
krikam.net/upload/iblock/cde/dalnoboy_anons.jpg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/upload/iblock/cde/dalnoboy_anons.jpg
IP 92.255.104.245:0
GET /upload/iblock/cde/dalnoboy_anons.jpg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: text/html; charset=cp1251
last-modified: Tue, 19 Apr 2022 14:23:37 GMT
etag: W/"2b26-5dd029f66b7c8-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/bitrix/cache/css/s1/market_column/template_39aff30e977e2c9d387d1d9ff24de638/template_39aff30e977e2c9d387d1d9ff24de638_v1.css?1660820987166659
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/bitrix/cache/css/s1/market_column/template_39aff30e977e2c9d387d1d9ff24de638/template_39aff30e977e2c9d387d1d9ff24de638_v1.css?1660820987166659
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /bitrix/cache/css/s1/market_column/template_39aff30e977e2c9d387d1d9ff24de638/template_39aff30e977e2c9d387d1d9ff24de638_v1.css?1660820987166659 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 11:09:47 GMT
etag: W/"28b03-5e68204ff6f4d-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/bitrix/cache/js/s1/market_column/default_017ad5f7d55a70225c8d776b1d2275c9/default_017ad5f7d55a70225c8d776b1d2275c9_v1.js?166082098733316
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/bitrix/cache/js/s1/market_column/default_017ad5f7d55a70225c8d776b1d2275c9/default_017ad5f7d55a70225c8d776b1d2275c9_v1.js?166082098733316
IP 92.255.104.245:0
GET /bitrix/cache/js/s1/market_column/default_017ad5f7d55a70225c8d776b1d2275c9/default_017ad5f7d55a70225c8d776b1d2275c9_v1.js?166082098733316 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 18 Aug 2022 11:09:47 GMT
etag: W/"8224-5e68204fde8ad-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/header_icons/bag_grey.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/header_icons/bag_grey.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/header_icons/bag_grey.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/template_39aff30e977e2c9d387d1d9ff24de638/template_39aff30e977e2c9d387d1d9ff24de638_v1.css?1660820987166659
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"32d-5dd029cd3b7d8"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
popup-static.unisender.com/service/loader.js?c=52985
195.13.237.72 200 OK 0 B URL HTTP/2 popup-static.unisender.com/service/loader.js?c=52985
IP 195.13.237.72:0
GET /service/loader.js?c=52985 HTTP/1.1
Host: popup-static.unisender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 27 Sep 2022 13:12:35 GMT
etag: W/"6332f6c3-318"
expires: Sat, 10 Dec 2022 17:13:32 GMT
cache-control: max-age=86400
content-encoding: gzip
x-robots-tag: noindex,nofollow
x-powered-by: EmailDelivery
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/header_icons/login.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/header_icons/login.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/header_icons/login.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/template_39aff30e977e2c9d387d1d9ff24de638/template_39aff30e977e2c9d387d1d9ff24de638_v1.css?1660820987166659
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"3b8-5dd029cd3b7d8"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/soc_icons/soc_youtube.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/soc_icons/soc_youtube.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/soc_icons/soc_youtube.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"2a3-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/soc_icons/soc_vk.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/soc_icons/soc_vk.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/soc_icons/soc_vk.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"3ba-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/bitrix/js/main/popup/dist/main.popup.bundle.js?1656934726109107
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/bitrix/js/main/popup/dist/main.popup.bundle.js?1656934726109107
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /bitrix/js/main/popup/dist/main.popup.bundle.js?1656934726109107 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Jul 2022 11:38:46 GMT
etag: W/"1aa33-5e2f92dc70562-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/search-white.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/search-white.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/search-white.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/bitrix/cache/css/s1/market_column/template_39aff30e977e2c9d387d1d9ff24de638/template_39aff30e977e2c9d387d1d9ff24de638_v1.css?1660820987166659
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"87e-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/bitrix/cache/css/s1/market_column/kernel_main/kernel_main_v1.css?1660820987198290
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/bitrix/cache/css/s1/market_column/kernel_main/kernel_main_v1.css?1660820987198290
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /bitrix/cache/css/s1/market_column/kernel_main/kernel_main_v1.css?1660820987198290 HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 11:09:47 GMT
etag: W/"30692-5e68204fabc2b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
krikam.net/local/templates/market_column/images/icons/money_icons/$_visa.svg
92.255.104.245 200 OK 0 B URL HTTP/2 krikam.net/local/templates/market_column/images/icons/money_icons/$_visa.svg
IP 92.255.104.245:0
Analyzer Verdict Alert fortinet Malware
GET /local/templates/market_column/images/icons/money_icons/$_visa.svg HTTP/1.1
Host: krikam.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/upload/iblock/9ae/vector_vt-50ml_soft.zip/
Cookie: __ddg1_=AL86fTkYb5yRi9GnR4kc; PHPSESSID=8T9WkazBTOc3eW8vExRaC2KfgTIyZ4aj; BITRIX_SM_GUEST_ID=18321988; BITRIX_SM_LAST_VISIT=09.12.2022+20%3A13%3A31
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Fri, 09 Dec 2022 17:13:32 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Apr 2022 14:22:54 GMT
etag: W/"45b-5dd029cd3c778"
accept-ranges: bytes
cache-control: max-age=31536000, private, must-revalidate
expires: Sat, 09 Dec 2023 17:13:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
bitrix.info/ba.js
52.209.225.49 200 OK 0 B
IP 52.209.225.49:0
GET /ba.js HTTP/1.1
Host: bitrix.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krikam.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 17:13:34 GMT
content-type: application/javascript
server: nginx/1.10.1
last-modified: Wed, 19 May 2021 09:38:44 GMT
etag: W/"60a4dca4-1a03"
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: bx_user_id=fc4e189e1569d60616ed815c237ed9f1; expires=Mon, 06-Dec-32 17:13:34 GMT; path=/; domain=bitrix.info; SameSite=None; Secure
access-control-allow-origin: *
expires: Sun, 11 Dec 2022 17:13:34 GMT
cache-control: max-age=172800
strict-transport-security: max-age=63072000
content-encoding: gzip
X-Firefox-Spdy: h2