r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3982
Expires: Tue, 13 Sep 2022 18:46:44 GMT
Date: Tue, 13 Sep 2022 17:40:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 17:08:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FFkLOAYIbjBGgUD7k_dxevUE24NloIXGGpvdICNEHmpyv6DA4OrGzg==
Age: 1894
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R12H8_Gdw6FNy3Ngtyk7w5kWf_RjnnvwlvQS0zvhys535YyNBLkPrA==
age: 47108
X-Firefox-Spdy: h2
cravtr.ru/
31.28.24.122 200 OK 42 kB IP 31.28.24.122:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1902), with CRLF, LF line terminators
Hash 51169bcf53e63c0a7798b781271ceea9
04296f08a7030e8b6d4e6c76901c497505bf7236
e7bde6caa1b2458eb5bb469bf9fd6ce0f57c198256b6285d0bdf989e2fe01bb6
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
X-Powered-By: PHP/7.4.30
Set-Cookie: wordpress_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; HttpOnly
Set-Cookie: wordpress_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; HttpOnly
Set-Cookie: wordpress_logged_in_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
Link: <http://cravtr.ru/wp-json/>; rel="https://api.w.org/"
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Transfer-Encoding: chunked
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 17:40:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cravtr.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.4.11
31.28.24.122 200 OK 54 kB URL HTTP/1.1 cravtr.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.4.11
IP 31.28.24.122:0
File type ASCII text, with very long lines (28088)
Hash 7d2051e6c59f3598b17877bf41637ec4
e3fbc1265f4cd1eacf83c045e4f21d5f9b92bf8d
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:09:11 GMT
ETag: "d159-5e052ab706575"
Accept-Ranges: bytes
Content-Length: 53593
Content-Type: text/css
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/plugins/featured-post-with-thumbnail/featured-post.css?ver=5.4.11
31.28.24.122 200 OK 990 B URL HTTP/1.1 cravtr.ru/wp-content/plugins/featured-post-with-thumbnail/featured-post.css?ver=5.4.11
IP 31.28.24.122:0
File type ASCII text, with CRLF line terminators
Hash 801e79f5e527f86d76c25da10f4e20b1
3d4fe9e47155c8883b397c0d876cd7a33d777de7
7cbe2994d0c75db802a421d3ea59e6e36076c13f6a9525b65f27d768938d93ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/featured-post-with-thumbnail/featured-post.css?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:07:14 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: "3de-5e052ab5d2b99"
Accept-Ranges: bytes
Content-Length: 990
Content-Type: text/css
Age: 9188
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
31.28.24.122 200 OK 10 kB URL HTTP/1.1 cravtr.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 31.28.24.122:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:09:13 GMT
ETag: "2748-5e052ab890a07"
Accept-Ranges: bytes
Content-Length: 10056
Content-Type: application/javascript
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide.css
31.28.24.122 200 OK 3.8 kB URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide.css
IP 31.28.24.122:0
File type ASCII text, with CRLF line terminators
Hash 7a89390eb5d276b2ff09e643c008b4a8
76a2e75bd25357a5f7bb5dc9a0c2e50868b26915
a58413b52ab3b84178b00f5d56effeb9ffb126938971ca6d681ed65d41767970
GET /wp-content/plugins/auto-highslide/highslide/highslide.css HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: "ee6-5e052ab5ce549"
Accept-Ranges: bytes
Content-Length: 3814
Content-Type: text/css
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cravtr.ru/wp-content/themes/allium/css/bootstrap-custom.css?ver=5.4.11
31.28.24.122 200 OK 34 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/css/bootstrap-custom.css?ver=5.4.11
IP 31.28.24.122:0
File type ASCII text, with CRLF line terminators
Hash e345b267f9926f3a0aa36b0e11577e03
9bf252b511b368c153cb1d41b826b86fc0fef7af
1ea5af397f53fe349176aa98244fd5987b3fa1e1282c65d329e85c2dfb53b6b8
GET /wp-content/themes/allium/css/bootstrap-custom.css?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "83c5-5e0632a0ba273"
Accept-Ranges: bytes
Content-Length: 33733
Content-Type: text/css
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide-with-html.packed.js
31.28.24.122 200 OK 32 kB URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide-with-html.packed.js
IP 31.28.24.122:0
File type ISO-8859 text, with very long lines (31128), with CRLF line terminators
Hash d20fbc385b18eeedfaa30c454a67b528
e4b3bacc38efe68b89df8d805852c7c4cc1b5ac4
a4da12edfc47a4cf6af3deabdae177c6713205198c642c0ca29ccad745c04084
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/auto-highslide/highslide/highslide-with-html.packed.js HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: "7dcf-5e052ab5cd991"
Accept-Ranges: bytes
Content-Length: 32207
Content-Type: application/javascript
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/themes/allium/js/enquire.js?ver=2.1.6
31.28.24.122 200 OK 10 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/enquire.js?ver=2.1.6
IP 31.28.24.122:0
File type ASCII text, with very long lines (847), with CRLF line terminators
Hash fcf572110474f4d05d2a093287a08a14
8dae31cef733250aaaa6e012293cf5439891d00e
b5d83de19ecb082b54d02a0e893231f5c7f330126b1d4d9ea2884d1b7648ea9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/allium/js/enquire.js?ver=2.1.6 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "27c2-5e0632a0c717b"
Accept-Ranges: bytes
Content-Length: 10178
Content-Type: application/javascript
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/themes/allium/css/fontawesome-all.css?ver=5.4.11
31.28.24.122 200 OK 72 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/css/fontawesome-all.css?ver=5.4.11
IP 31.28.24.122:0
File type ASCII text, with CRLF line terminators
Hash beea44aa17c36c0ff6752c6df69ea553
5009899b3fae65bb84ce2866b16ee1cb058b4176
762f19c5abda86c73b5fc98ce697b81af3b87f82fb395d585c72abf5be508acd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/allium/css/fontawesome-all.css?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "117b5-5e0632a0bbdcb"
Accept-Ranges: bytes
Content-Length: 71605
Content-Type: text/css
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/themes/allium/js/fitvids.js?ver=1.1
31.28.24.122 200 OK 3.4 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/fitvids.js?ver=1.1
IP 31.28.24.122:0
File type HTML document, ASCII text, with CRLF line terminators
Hash c1b7fbe6b1a3b777fddfe187094deb97
498d2b1a5cfd53ce9b320c9ccd7d53ea7b04ffb7
64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/allium/js/fitvids.js?ver=1.1 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "d6d-5e0632a0c794b"
Accept-Ranges: bytes
Content-Length: 3437
Content-Type: application/javascript
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/themes/allium/js/hover-intent.js?ver=r7
31.28.24.122 200 OK 5.1 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/hover-intent.js?ver=r7
IP 31.28.24.122:0
File type ASCII text, with CRLF line terminators
Hash cf1a4e6e02fb9bdc003793a5d36d7ff0
7dbf8060863555050922f111851ea028d284c97d
a7a796de5386c4134aeaf3d7f3acabe23714c75badac21922ec14957d4d239f7
GET /wp-content/themes/allium/js/hover-intent.js?ver=r7 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "13bd-5e0632a0c8503"
Accept-Ranges: bytes
Content-Length: 5053
Content-Type: application/javascript
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/themes/allium/js/superfish.js?ver=1.7.10
31.28.24.122 200 OK 7.9 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/superfish.js?ver=1.7.10
IP 31.28.24.122:0
File type ASCII text, with CRLF line terminators
Hash 1343a5d5498f0b5c36613a13c785e0c9
7a9e5d870dddce40f39815ac6b41a3cab4157c32
bebf8e167e6c10f51857e0e35b89f0b6300e495feccfe08f7d4bf4a0b87b4506
GET /wp-content/themes/allium/js/superfish.js?ver=1.7.10 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "1ed0-5e0632a0c94a3"
Accept-Ranges: bytes
Content-Length: 7888
Content-Type: application/javascript
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/themes/allium/style.css?ver=5.4.11
31.28.24.122 200 OK 84 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/style.css?ver=5.4.11
IP 31.28.24.122:0
File type ASCII text, with very long lines (354), with CRLF line terminators
Hash 0fef05c8dba9dea226678dd8f6c9e427
f296ef7126c867a7da117652e0b8efe9d8bde64c
232fc5975d383cd4004706e4f09f9039bf7e2c479e1a389977b3382a7efc503e
GET /wp-content/themes/allium/style.css?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "14876-5e0632a0d2cfb"
Accept-Ranges: bytes
Content-Length: 84086
Content-Type: text/css
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11
31.28.24.122 200 OK 14 kB URL HTTP/1.1 cravtr.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11
IP 31.28.24.122:0
File type ASCII text, with very long lines (10927)
Hash c8d5a4cd14632bc2bdf15b5e45ca9d4d
cdf210b710c2792eda450a1a11e5dc1f8dae8594
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:33:06 GMT
ETag: "363c-5e05300f0bd34"
Accept-Ranges: bytes
Content-Length: 13884
Content-Type: application/javascript
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-includes/js/wp-embed.min.js?ver=5.4.11
31.28.24.122 200 OK 1.4 kB URL HTTP/1.1 cravtr.ru/wp-includes/js/wp-embed.min.js?ver=5.4.11
IP 31.28.24.122:0
File type ASCII text, with very long lines (1391)
Hash 905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:07:16 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:33:06 GMT
ETag: "592-5e05300eff215"
Accept-Ranges: bytes
Content-Length: 1426
Content-Type: application/javascript
Age: 9186
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/themes/allium/js/custom.js?ver=1.0
31.28.24.122 200 OK 5.1 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/custom.js?ver=1.0
IP 31.28.24.122:0
File type ASCII text, with CRLF line terminators
Hash 2451ca54a064904e91e370baf2a612d4
30d872c9c7f652df6d48a56772cc534d794e209a
9fb45290466159e956cb3e618539728367e1d7d7e1b86929b59a4dcdb27b8826
GET /wp-content/themes/allium/js/custom.js?ver=1.0 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "13da-5e0632a0c5df3"
Accept-Ranges: bytes
Content-Length: 5082
Content-Type: application/javascript
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
31.28.24.122 200 OK 97 kB URL HTTP/1.1 cravtr.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 31.28.24.122:0
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:09:13 GMT
ETag: "17a69-5e052ab895057"
Accept-Ranges: bytes
Content-Length: 96873
Content-Type: application/javascript
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext
142.250.74.10 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext
IP 142.250.74.10:0
Hash d698f8bee79b5f1498f6850f08cf055f
330c992ce64ca7d6ae448ae683e5af20a20afed5
3ef8750793e69fe8a6e5b221681d14a8cc093f2ec8e5d6be4ffe9a6141abf777
GET /css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 17:40:22 GMT
date: Tue, 13 Sep 2022 17:40:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cravtr.ru/wp-content/uploads/2022/06/eto-elektromobil-nissan-leaf-sleduyushhego-pokoleniya.jpg
31.28.24.122 200 OK 22 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/eto-elektromobil-nissan-leaf-sleduyushhego-pokoleniya.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 563x340, components 3\012- data
Hash c9c7a98af6c4c9158e04df3613691cf9
56db153894329d64a54f36b5d70216fa79ebf1bb
cc521e357e973f72b51d7c57224d2f79e5c8cd5af75280f6c03b2dd5f4578650
GET /wp-content/uploads/2022/06/eto-elektromobil-nissan-leaf-sleduyushhego-pokoleniya.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 14:02:28 GMT
ETag: "57b9-5e1cd70108452"
Accept-Ranges: bytes
Content-Length: 22457
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/uploads/2022/06/teper-poslednij-xoroshij-vzglyad-na-prototip-honda-civic-type-r-2023-goda-pered-ego-debyutom.jpg
31.28.24.122 200 OK 43 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/teper-poslednij-xoroshij-vzglyad-na-prototip-honda-civic-type-r-2023-goda-pered-ego-debyutom.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 577x322, components 3\012- data
Hash a9b5acf57136069be4cb131896ee0666
8151ea31a4bf5d6b9bf2b182494d5c5b6a025deb
4b373b4a72aa0dc360f715e78a099fa3c52229ba6576b5b831785535728a8aac
GET /wp-content/uploads/2022/06/teper-poslednij-xoroshij-vzglyad-na-prototip-honda-civic-type-r-2023-goda-pered-ego-debyutom.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 14:43:58 GMT
ETag: "a973-5e1ce047a54e4"
Accept-Ranges: bytes
Content-Length: 43379
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/uploads/2022/06/my-slomali-podvesku-na-nashem-mercedes-benz-gle450-kotoryj-prozhil-celyj-god-i-on-nam-vse-eshhe-nravitsya.jpg
31.28.24.122 200 OK 47 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/my-slomali-podvesku-na-nashem-mercedes-benz-gle450-kotoryj-prozhil-celyj-god-i-on-nam-vse-eshhe-nravitsya.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 557x308, components 3\012- data
Hash adde19fedd5f0bf9de045091c71965e2
b52c59a50b2df003f510afae9a20e5c08047c6c9
344c4e1c56ac89b55d06566d7dd4489a8356560aa2e5b039226e3f45db34cef9
GET /wp-content/uploads/2022/06/my-slomali-podvesku-na-nashem-mercedes-benz-gle450-kotoryj-prozhil-celyj-god-i-on-nam-vse-eshhe-nravitsya.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 12:31:36 GMT
ETag: "b7d0-5e1cc2b214367"
Accept-Ranges: bytes
Content-Length: 47056
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/uploads/2022/06/kia-carnival-2023-goda-povyshaet-stoimost-vxodnyx-biletov.jpg
31.28.24.122 200 OK 45 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/kia-carnival-2023-goda-povyshaet-stoimost-vxodnyx-biletov.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 570x315, components 3\012- data
Hash e5a5062199a140a1d5c15988a2719a73
5e58191c69b4bc3a21d379b7886de731092cfa8e
e7d1640023f921adb299096b50517bf6208e9100283f76b274cab17b1e3fd5bb
GET /wp-content/uploads/2022/06/kia-carnival-2023-goda-povyshaet-stoimost-vxodnyx-biletov.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 12:47:56 GMT
ETag: "b0f7-5e1cc6584be38"
Accept-Ranges: bytes
Content-Length: 45303
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/uploads/2022/06/novejshee-ispytanie-dlya-modifikatora-avtomobilya-veteran-jdm-kostyanoj-pervoproxodec-80-x.jpg
31.28.24.122 200 OK 46 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/novejshee-ispytanie-dlya-modifikatora-avtomobilya-veteran-jdm-kostyanoj-pervoproxodec-80-x.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 561x313, components 3\012- data
Hash 599a84726a9b03966c1ccca95d14742d
bce46c3522c5b364d59f624097108fc8b6d641cb
7d7c402de8ff4a8e129c010b12b696bc1a569935cf1956fbba4cc794c20c457d
GET /wp-content/uploads/2022/06/novejshee-ispytanie-dlya-modifikatora-avtomobilya-veteran-jdm-kostyanoj-pervoproxodec-80-x.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 13:35:38 GMT
ETag: "b2cf-5e1cd10240271"
Accept-Ranges: bytes
Content-Length: 45775
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/uploads/2022/06/novye-podrobnosti-o-bezumnoj-sborke-xunigana-subaru-wagon-vosmidesyatyx-s-862-l-s.jpg
31.28.24.122 200 OK 48 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/novye-podrobnosti-o-bezumnoj-sborke-xunigana-subaru-wagon-vosmidesyatyx-s-862-l-s.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 576x316, components 3\012- data
Hash 41796105e150220dd12b4794218680b1
8359f178def55e53fcce728ceee810825eeeb395
a22e210018f766e76889f7df62e968d0fbedb00aad06f86588c3f9742b030e97
GET /wp-content/uploads/2022/06/novye-podrobnosti-o-bezumnoj-sborke-xunigana-subaru-wagon-vosmidesyatyx-s-862-l-s.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 11:02:17 GMT
ETag: "bac4-5e1caebb1c9a3"
Accept-Ranges: bytes
Content-Length: 47812
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/uploads/2022/06/novyj-hyundai-palisade-xrt-2023-goda-kontroliruet-bolshuyu-chast-vashix.jpg
31.28.24.122 200 OK 49 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/novyj-hyundai-palisade-xrt-2023-goda-kontroliruet-bolshuyu-chast-vashix.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x300, components 3\012- data
Hash a5dceec668beac185e856341ac47219e
76d2a68a54785715f588712c609413b4deb25e33
c604970a3e57cdfd29b88fa0a4163efdce2d5540b3909deb2fdafdcbaa625153
GET /wp-content/uploads/2022/06/novyj-hyundai-palisade-xrt-2023-goda-kontroliruet-bolshuyu-chast-vashix.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 15:06:40 GMT
ETag: "bf5c-5e1ce55b3c9a6"
Accept-Ranges: bytes
Content-Length: 48988
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/uploads/2022/06/ferrari-ne-pozvolit-budushhim-elektromobilyam-i-vnedorozhnikam-purosangue-pomeshat-xorosho-provesti-vremya.jpg
31.28.24.122 200 OK 16 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/ferrari-ne-pozvolit-budushhim-elektromobilyam-i-vnedorozhnikam-purosangue-pomeshat-xorosho-provesti-vremya.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 572x314, components 3\012- data
Hash 21661e00f67b094cdc43e5d52b1b5b05
ab6c8a964876bb9e5e795203552f7704b6fad6cf
dffd3b152de0cabec0a674adbcd077323264e3e120d3e6127eccd2c82f404947
GET /wp-content/uploads/2022/06/ferrari-ne-pozvolit-budushhim-elektromobilyam-i-vnedorozhnikam-purosangue-pomeshat-xorosho-provesti-vremya.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 14:56:36 GMT
ETag: "3d3e-5e1ce31b22607"
Accept-Ranges: bytes
Content-Length: 15678
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/uploads/2022/06/vozhdenie-elektricheskogo-ford-bronco-ot-zero-labs.jpg
31.28.24.122 200 OK 48 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/vozhdenie-elektricheskogo-ford-bronco-ot-zero-labs.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 576x325, components 3\012- data
Hash a4a4ac36dd74eb52664627123ad9e618
4451e1878259a8b4c66ad5f64a5a47c164b8ff80
2801acdf10b67300a1e3b6535ebfa5e5c054d63b1850961de014240a54202004
GET /wp-content/uploads/2022/06/vozhdenie-elektricheskogo-ford-bronco-ot-zero-labs.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 15:19:09 GMT
ETag: "bb6a-5e1ce8254f47d"
Accept-Ranges: bytes
Content-Length: 47978
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/uploads/2022/06/nebolshoe-povyshenie-cen-na-kia-seltos-2023-goda-luchshe-chem-bolshoe.jpg
31.28.24.122 200 OK 48 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/nebolshoe-povyshenie-cen-na-kia-seltos-2023-goda-luchshe-chem-bolshoe.jpg
IP 31.28.24.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 571x318, components 3\012- data
Hash a54c65dbb24256af620eed05e6868666
7342551682d459c13726a118eb3a4d7f0227a5cd
07d47452cf2ba91947491180ee6074b158b1e16fba1edcb2c143f666ed134c49
GET /wp-content/uploads/2022/06/nebolshoe-povyshenie-cen-na-kia-seltos-2023-goda-luchshe-chem-bolshoe.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Sun, 19 Jun 2022 15:12:17 GMT
ETag: "bb2e-5e1ce69c82b22"
Accept-Ranges: bytes
Content-Length: 47918
Content-Type: image/jpeg
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cravtr.ru/wp-content/themes/allium/webfonts/fa-solid-900.woff2
31.28.24.122 200 OK 79 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/webfonts/fa-solid-900.woff2
IP 31.28.24.122:0
File type Web Open Font Format (Version 2), TrueType, length 79100, version 1.0\012- data
Hash 5dc01cfcd5336f696cb85da7ce53fa9b
28a1f2fadc35c5343e0280389fe7955e3d1be607
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/allium/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cravtr.ru/wp-content/themes/allium/css/fontawesome-all.css?ver=5.4.11
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:22 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "134fc-5e0632a0fd0c2"
Accept-Ranges: bytes
Content-Length: 79100
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cravtr.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 511574
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cravtr.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 511574
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.163 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cravtr.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 06:19:49 GMT
expires: Fri, 08 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 472834
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 17:03:22 GMT
Expires: Tue, 13 Sep 2022 17:14:28 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: czppnbUV120M9guR0gZnuy6VzsqvIFcayCA8SUmAo31jW1BpkCS_3Q==
Age: 2221
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
142.250.74.163 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Hash 6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cravtr.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:41 GMT
expires: Thu, 07 Sep 2023 19:34:41 GMT
cache-control: public, max-age=31536000
age: 511542
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0919555699512279
216.58.207.226 200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0919555699512279
IP 216.58.207.226:0
File type ASCII text, with very long lines (2903)
Hash ec90c7312567a113849fba221c96bac3
1ad2d5c0cc64f8aefd284dd74d74289d11eedaa4
0c43ff65ffe25441d7d6b8d4cc9fd3d37ee9776786b71099872f5ef06e19b2fb
GET /pagead/js/adsbygoogle.js?client=ca-pub-0919555699512279 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cravtr.ru
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Tue, 13 Sep 2022 17:40:23 GMT
expires: Tue, 13 Sep 2022 17:40:23 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6027903677882145504
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4414
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Last-Modified: Tue, 13 Sep 2022 16:26:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
142.250.74.2 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220908/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Tue, 13 Sep 2022 01:15:52 GMT
expires: Tue, 27 Sep 2022 01:15:52 GMT
cache-control: public, max-age=1209600
age: 59071
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c657642ae823a42b6f838d2341d9329f
b4a2b37d97c363f7293e4b946d4c528becbfac50
201bd88ff237e22e1a302936cca2ed3066462e93b459ecab1ac1486a4ddaaaa9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cravtr.ru/favicon.ico
31.28.24.122 302 Moved Temporarily 0 B IP 31.28.24.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
HTTP/1.1 302 Moved Temporarily
Date: Tue, 13 Sep 2022 17:40:23 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
X-Powered-By: PHP/7.4.30
Set-Cookie: wordpress_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; HttpOnly
Set-Cookie: wordpress_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; HttpOnly
Set-Cookie: wordpress_logged_in_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
Link: <http://cravtr.ru/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://cravtr.ru/wp-includes/images/w-logo-blue-white-bg.png
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a44521d3957cdba57b0fc21915252110
e04f70e8f3271d219d22be1a0c54f7a047abdd55
aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=cravtr.ru&callback=_gfp_s_&client=ca-pub-0919555699512279
142.250.74.98 200 OK 196 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=cravtr.ru&callback=_gfp_s_&client=ca-pub-0919555699512279
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 3515d74d93c876bfa026ef60c6b46c73
d1c2289c01f259c61fc9247435891234a121b032
6a9ecee5034550a8230b6a2d3dcee0ca26453add7de025f17117143851935edf
GET /gampad/cookie.js?domain=cravtr.ru&callback=_gfp_s_&client=ca-pub-0919555699512279 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 17:40:23 GMT
server: cafe
cache-control: private
content-length: 196
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=cravtr.ru
142.250.74.130 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=cravtr.ru
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cravtr.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 17:40:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=cravtr.ru
216.58.207.194 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=cravtr.ru
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cravtr.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 17:40:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.71.185 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
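Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(empty-input digests: the 101 response carried a 0 B body, so these hashes identify no content)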
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G8O/hRHWCs+zWR6lHWIZrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +1J8MB3L9ZKSbXxl7QTIwxokWg0=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c657642ae823a42b6f838d2341d9329f
b4a2b37d97c363f7293e4b946d4c528becbfac50
201bd88ff237e22e1a302936cca2ed3066462e93b459ecab1ac1486a4ddaaaa9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cravtr.ru/wp-includes/images/w-logo-blue-white-bg.png
31.28.24.122 200 OK 4.1 kB URL HTTP/1.1 cravtr.ru/wp-includes/images/w-logo-blue-white-bg.png
IP 31.28.24.122:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cravtr.ru/
Connection: keep-alive
Cookie: __gads=ID=410adaaa53271393-22dd09b81dce0023:T=1663090823:RT=1663090823:S=ALNI_MbBrn8I3xQ27A2DGTBOPSjm57KcqQ
HTTP/1.1 200 OK
Last-Modified: Tue, 31 May 2022 18:09:12 GMT
Accept-Ranges: bytes
Content-Length: 4119
Content-Type: image/png
Date: Mon, 12 Sep 2022 13:37:00 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
ETag: "1017-5e052ab7d0bba"
Age: 101003
Warning: 113 t0.hoster.ru (cluster_balancer) This cache hit is still fresh and more than 1 day old
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a44521d3957cdba57b0fc21915252110
e04f70e8f3271d219d22be1a0c54f7a047abdd55
aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/zoomout.cur
31.28.24.122 200 OK 326 B URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/zoomout.cur
IP 31.28.24.122:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x7\012- data
Hash e5f236bf2b60f8c8fc1867d70636a046
2d1695a011edd32a1abc5329dcf4b8ee196d5e7f
110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/auto-highslide/highslide/graphics/zoomout.cur HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __gads=ID=410adaaa53271393-22dd09b81dce0023:T=1663090823:RT=1663090823:S=ALNI_MbBrn8I3xQ27A2DGTBOPSjm57KcqQ
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:07:20 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: "146-5e052ab5ccdd9"
Accept-Ranges: bytes
Content-Length: 326
Age: 9183
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/outlines/rounded-white.png
31.28.24.122 200 OK 2.0 kB URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/outlines/rounded-white.png
IP 31.28.24.122:0
File type PNG image data, 40 x 3000, 8-bit gray+alpha, non-interlaced\012- data
Hash 172cd05ac027f6a6c46553231506b3f8
9c05946fb3260c173964ace7e55e0c0f2169eef1
dd973ffb47385f17ebb5bb6ba99cf16b968e151f0004b565f8386ae7ce1753bb
GET /wp-content/plugins/auto-highslide/highslide/graphics/outlines/rounded-white.png HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __gads=ID=410adaaa53271393-22dd09b81dce0023:T=1663090823:RT=1663090823:S=ALNI_MbBrn8I3xQ27A2DGTBOPSjm57KcqQ
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 17:40:23 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: "7dc-5e052ab5cb669"
Accept-Ranges: bytes
Content-Length: 2012
Content-Type: image/png
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Connection: keep-alive
cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/loader.white.gif
31.28.24.122 200 OK 673 B URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/loader.white.gif
IP 31.28.24.122:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 2a6692973429d7a74513bfa8bcb5be20
f2af060f1cadbc9065c8c465c648dc01be67cc12
1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d
GET /wp-content/plugins/auto-highslide/highslide/graphics/loader.white.gif HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide.css
Cookie: __gads=ID=410adaaa53271393-22dd09b81dce0023:T=1663090823:RT=1663090823:S=ALNI_MbBrn8I3xQ27A2DGTBOPSjm57KcqQ
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:07:20 GMT
Server: Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: "2a1-5e052ab5c7401"
Accept-Ranges: bytes
Content-Length: 673
Content-Type: image/gif
Age: 9183
X-Cache: HIT from t0.hoster.ru
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Connection: keep-alive
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env
216.58.207.226 200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env
IP 216.58.207.226:0
File type JSON data\012- , ASCII text, with very long lines (14645), with no line terminators
Hash f538ba71adab2c298c883ce64677a945
177d14471209622a0651661febd3c7f770ce9426
df981ba8f95c83420f504a6e0de16bccdf264ca460e44bdd1a9685112eb9a4fd
GET /getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cravtr.ru
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 17:40:23 GMT
server: cafe
cache-control: private
content-length: 11118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b83eeef1819083d0f8d52290b58abdef
7f5d00f725bed6d26c8ba00628adafc8f43c0c93
cca1c281e84e9694db182f17cd47d5782d602bf36e2f4902ce7612f2c5d74bd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 13 Sep 2022 17:40:23 GMT
expires: Tue, 13 Sep 2022 17:40:23 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33 200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 12:27:00 GMT
expires: Wed, 13 Sep 2023 12:27:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 18803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 78f8bae58862d8be3437cfe9e927011d
fb01a9cfd346f2c9b7694276c72a76e213887b06
389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash aabcbe372e98a45524e18b2da88ffe28
b55130b80febad2ce26e68423cac6c0c3b2b9dfd
03556d4b5b920d21934e3053d3bde1e127d967172809fbe7fa4583b93539fa27
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 13 Sep 2022 17:40:23 GMT
date: Tue, 13 Sep 2022 17:40:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-v9MzthYrKPM2ZBZDkGC-tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17104
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 17:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17104
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 17:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17104
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 17:40:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 04:49:30 GMT
age: 46254
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gUhO_jZ9W_10cAK-2lOVSmQ9r1DIZvNDaqpJs5oc6lt85qAkWbBcXg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:48:14 GMT
age: 71530
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 71884
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:55 GMT
age: 71909
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557695ec8ffeebb0272c099542a14ace
ad627b434e1c3b693d8636675bcea0f8794e0dc2
4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 85df5ad9-f229-4d33-90b9-5dd28c77578a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH396F2SIAMFnGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63196d25-3ee08f1e27cd37e96dba0f40;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 04:18:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Oep2UJdadBnTBuCy7CexUcezT0cCvm_9hroZnV-UrC9lQQxwUc4rkw==
via: 1.1 07c02ae6c53d85283eb15380264d9998.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 06:18:57 GMT
age: 40887
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 71886
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~l80hbu23&c=4036305643705904&e=44759875%2C44759926%2C44759837%2C42531705%2C31061691%2C31061692&ctx=1&met.3=1001.11y_1__1~164.11z_1~165.11x_3~166.116_v~166.124_6~1032.170~326.173~832.17d~868.17d~216.170_d~215.170_d~843.170_d~779.17d_1~112.18k_1~629.19w~889.1aa~639.1af~914.1af~113.1c2&met.1=1.l80hbsti~6.-5~7.-5~8.1h~9.1h~10.2a~12.2w~13.cf~14.e1~15.ef~16.qi~17.sj~18.t7~19.1bp~20.1bp~21.1bv~23.qb
142.250.72.35 204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~l80hbu23&c=4036305643705904&e=44759875%2C44759926%2C44759837%2C42531705%2C31061691%2C31061692&ctx=1&met.3=1001.11y_1__1~164.11z_1~165.11x_3~166.116_v~166.124_6~1032.170~326.173~832.17d~868.17d~216.170_d~215.170_d~843.170_d~779.17d_1~112.18k_1~629.19w~889.1aa~639.1af~914.1af~113.1c2&met.1=1.l80hbsti~6.-5~7.-5~8.1h~9.1h~10.2a~12.2w~13.cf~14.e1~15.ef~16.qi~17.sj~18.t7~19.1bp~20.1bp~21.1bv~23.qb
IP 142.250.72.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~l80hbu23&c=4036305643705904&e=44759875%2C44759926%2C44759837%2C42531705%2C31061691%2C31061692&ctx=1&met.3=1001.11y_1__1~164.11z_1~165.11x_3~166.116_v~166.124_6~1032.170~326.173~832.17d~868.17d~216.170_d~215.170_d~843.170_d~779.17d_1~112.18k_1~629.19w~889.1aa~639.1af~914.1af~113.1c2&met.1=1.l80hbsti~6.-5~7.-5~8.1h~9.1h~10.2a~12.2w~13.cf~14.e1~15.ef~16.qi~17.sj~18.t7~19.1bp~20.1bp~21.1bv~23.qb HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cravtr.ru
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Tue, 13 Sep 2022 17:40:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2