firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 01:02:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dwuGucpEWlbQtbXCpYtfE_0A-gI3q12pD8vQl1oa694v1U1Y28NFag==
Age: 676
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15797
Expires: Sun, 11 Sep 2022 05:36:47 GMT
Date: Sun, 11 Sep 2022 01:13:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U-bQaPCI6prXz0EvwRwtHv3M9RnFWqpNz3FFgtNOjf74TVUVZtfL9Q==
age: 64578
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 01:13:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 00:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 01:08:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8B8kPW73T8UX57FES-m9f5g1XqgQgGfTAsk6k974rys1yzGbCCmbsg==
Age: 1043
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3420
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:31 GMT
Last-Modified: Sun, 11 Sep 2022 00:16:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.40.161.235101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.161.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SzlxwH4nhmON2VfF51k0/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lW7XiTbks/yv3NZVBA+Csom59lA=
kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
104.21.86.10200 OK 15 kB URL HTTP/1.1 kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20374)
Hash 95c4843cae0782c305b0c24e70d40556
93d1af05d212d3122bc3e5cf2d2bff530570b807
53604759e4a45b70963f40fb60bf9f46d7139e6290c5967c0b6936a0e0670e33
Analyzer Verdict Alert fortinet Phishing
GET /putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Status: HIT
X-Cache-Skip: 000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6i%2B9vGInk5DJUHd0IkDaoFwrE56%2BRDaLmDS3rmK9hPucl%2BIwDgykjloBEemtqt1OwpGNOtTHV6OJkoUX4HrkK31QoKJ62v8zUMMSSLRWVsac3zED3daCR%2B%2FSfFapgf0ZXnPLSU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748c8a8bc950b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
104.21.86.10200 OK 451 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
IP 104.21.86.10:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash 9cbb12ded165859b75441a829fb683af
1e85f7bd7f0fa9dbc53157bbead5eb703c502db8
3dba212407392e05ef866072e63f519c9ef7365ea376cb5a8824e77726a6759b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:13 GMT
ETag: W/"5c12514d-484"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLormShFTTWGRYIwzFz%2BxzZsYMilSmQ%2FhUDVk5GgzpJtIZouYcPJc7ArKHWD%2BYFU8BpcRoXk2BHaGvlS4EcIZtfOkHWzoSB5aQlUW0bJwKUXpsqRaCYhDC%2Fw%2FlC8B2%2FyCcuNpPg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c2f2ab4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
104.21.86.10200 OK 676 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
IP 104.21.86.10:0
Hash aed6d7df00952fe5e2c7c636649262f6
7d27a3280224fa23a11af27e6816ba0a49ab5d70
06c5b0cd3f5177c83dc46e5fa8aca26cd4c79f9a3a256cfd03352c129039fdf6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:30:56 GMT
ETag: W/"5c125100-6cf"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3hbFvtKkOlUzxeCLoKl149US8UgI677XjMEhyh2%2BaaM1iv9L4bePrW%2B2Jk%2BNcK1E47VJhxRUvnUiAsFjEacED3ugAgM7o49aMd1lIGzuXmowgOPdMuKCwkn%2FB%2BNibjqCwr5om4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c2ff4b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1
104.21.86.10200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1
IP 104.21.86.10:0
Hash 71cbbc2b4b75d38fde4164930c4b1a5f
bc669826f776560c05ed95d509c6048a4e731ff1
c6f60ff63ea7e00e90f3db1812ab9600d24f17a153f923db3e5fbaa31ed3342c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-153e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svG6PZ0KytvryE0xUaDcaHsmfxsrRQo5HR81grobDNr5ZeNCSJ3wnYG80cTB%2B%2FOAZEGg%2BlKUW6gHc61JiEEzjFOYI70xCg7Ygv%2B%2BLccxuiVMNpPEzmXgK%2BbTjbUHt6wfnUbaPQc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c28ffb527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/style.css?ver=4.9.8
104.21.86.10200 OK 474 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/style.css?ver=4.9.8
IP 104.21.86.10:0
Hash 64512c3158a4553e2793a93d47c71224
51c04d04a577de6c3ebae959d392d8d49b906733
be702a318efa54999935c28540445356ecfbba55d3ffc14776ae15e92f3a18b7
GET /wp-content/themes/casino-theme/style.css?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:19 GMT
ETag: W/"5e4d7303-330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQoqClowECSBUaIGUEOBZZWf%2FoKtE7f3RNoit9e%2BvD49BahXPoTIr5Tm2TnfdnsCkqR0TX%2BP3AwQqI8ZkBc5709m9bt0SVCathub7In33PVjWzK3VMay3Vde754AS4Z9Jr3HpGM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c2d5fb4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1
104.21.86.10200 OK 18 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8ccc3caeb4d179c7411ced0d453568d2
24f7e038de1ff25d1d5640880a0dcc2a35a6c9ca
0f597bf99dcbb112a2ed509e8883f79ff735b518157dad9cfb59a6d685e8b144
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-1a1f0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t21lWxZ6%2Fkz5ds6jUqVs5K1qgQqhAU3vlZN0Ucv4DjlY7BcxIKi20m%2FwCanJz5aT3vfk0BFB2AmFpYg4D62Jz8OiXd%2F%2FfyftgTuz9QbAC0Mt4SpMuuUjm534QaqiYvJQB3WHA%2BA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c2aa5b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 01:13:32 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 685369
expires: Fri, 01 Sep 2023 01:13:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o91rnN7mCOWkKleZi8NMjLyIkCt3X0M0DhiNq8dMfZnKblGz0UkqUy4yuWCTkqatew4quUSuCqTXNgc8hufUxuTfimCF4FGcjUHph5l%2BTz1%2Bm%2BU9smJIG2t9o6cGtY8GxpAthmq0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748c8a9c3d3bb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1
104.21.86.10200 OK 237 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1
IP 104.21.86.10:0
Hash 42b856f70401792ff61ce39f0d15187e
d89f7caec9972737f77b4d6effc214e5ddc6e8c6
498fb25e1b77547c448f19fbbec16747f9ad3ffede9e65af1df28e6b51e7c7c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-147"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166358
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q02SrOXcO80D9RzEdLLH0ru230Ag5fOk5AsrwUyQ2aoPvvBZ9UNHcfl8iPP3ygNCALqXlKTvOZpNKcYjN8C02fwgOgjw%2FLjPfWFVTZc2pRFs3CNfcicozGG6riXnNW9qzyGcvBE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c3804b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1
104.21.86.10200 OK 310 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (1519), with no line terminators
Hash d73a797f7592ab9bce3849ab5737817e
9423b36627b10be53d0806fadfe6c8d8d68f9e71
f7d7f8fbdf96b9b72d137ad3ea7ad6bfbd9b935b04f697d60d9ee4600b9478c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-5ef"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166358
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TApMk%2FlfWV%2Bl3HsxurTIP%2BcJcYGyiMFtPa4MWYcJQYsadD64hx2N4QueQyLd1bHLcvvMlo5qySm%2F8UyQfNwooL9xB7BZa0Z2VVN%2B1L4SWn%2Fj0%2BdPO2rdY958xO%2FmYy36r77dzco%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c3ab4b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu.css?ver=1.0.1
104.21.86.10200 OK 2.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (11594), with no line terminators
Hash d0c9fed4ee25a9901b0075392fced627
8e15174d523c566ecd24b03bd6f64284b3bb89bc
6707a90e066997a1a63b069a02ac745de76a5d85468aad53e9a773874f7b522e
GET /wp-content/themes/casino-theme/css/menu.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:03 GMT
ETag: W/"5e4d72f3-2d4a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166358
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxIC73Oo4bZOePtURkSK6PqSAs2rIKWHHzYGxAq9k0QJt4lqh%2B6GLsu%2BqDWHwiBBW12blIqCdfDG1GvnY0lanSdjz1sJC7HvC3atr7uJK4JlwM2JjMLiv%2Bp7Fi29Cv0QTPS9NCg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c380ab4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
104.21.86.10200 OK 21 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd9634fd6b76b33a1ecc722ec66c6594
60cde4939736097ec7dc5001e889635bcf60f2b7
514351d0c268660be9fa9a34578c4146032b70f5835f6ecd4bf6b12b673cf14d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-2613e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCw3Is%2B18T4I%2F%2BVdlMbBS0hmoZNNEtptW4OKjql43Mfe3Cf0tDcdctZXUyMbRE5spUxy4NIP7%2FHmr0B7WyWB3g8p30ZA%2FbjUs7iDT0u0Ju6ybKheF8xuXOpA2SJKS4nwN%2FpnOWo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c3f34b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107
104.21.86.10200 OK 792 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107
IP 104.21.86.10:0
Hash 28e92d0115685376ea13f80d4624cd77
5c49d2ba210b35e9d558c6cf13a5bccaaa950ed8
482f6d092f111156af642386342ff908983668446198cb59289e92180312dc86
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:27 GMT
ETag: W/"5c12515b-e8a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166358
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp8WFYEHpMUQUUpo63zSXdRJYVGhMgnRYHVw66c%2FXLYKeu1ZBgvCU3R7SGYEWC6lMuiN5MT%2B4dYmRDyHRm637tV6x9%2BPLpfeMt4QnZAtPdyGHIYXN4gp1QyK7lVCxIVVA9MDRkk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c480eb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
104.21.86.10200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:01 GMT
ETag: W/"5c12517d-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166358
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQM3rnoG00WOFBC1s5F9tjrBxvGzH4Ca4Gh4CpOtp5vq3vZNq4cXMKnlFDKEfxrkOc5ZQ5OSAfc6Xb74eELzBD4C2qdJT8KxL3lR67sqwpcFB8mFe8nBXmkuLDgw3LH9cmIYSLQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c5815b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
104.21.86.10200 OK 34 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 104.21.86.10:0
File type ASCII text, with very long lines (32077)
Hash 3a80fc6d5f853164f2f53a98659c0c21
3327cc9fd1e64d96894c1322e3ef52dea7fe4cf1
c390de9d0d8953f70b165680d6122a3fc871006c67a676030596a4c36e882674
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:01 GMT
ETag: W/"5c12517d-17ba0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166358
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTq6KA6swi0YuIeR8DW0Hm77Qaydhg25JKnh0dJ3jJQiQt1ELcrHcjuwyVltbPgpERdvlD4pSm%2FqivoBD78rrjCBQLAryZ0eSQuE4sSTWjY61nhtt%2BhdsFISnedbnORDYtWP7D4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c5f41b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4
104.21.86.10200 OK 589 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4
IP 104.21.86.10:0
Hash b1e45bf9bcd536be8008b443608c6c6b
0d22ff7469317a36f82f2b6274c9c791daa21b24
e140ee41b7a34f1a34911b6cd5c933673469cbd4f60777f23c1e4d82e810bfa3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: W/"5b07c29e-881"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166358
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jdQ725grVvDKj%2BEQ8GTQ%2B%2B76xvWRqDk%2FGn2V5S45qsXHzJx6MuwejnvxjdlpCWoEBbDhLBSlj7S92RhYc%2B01ltASU80%2FGMtNEOF0AOlwq9DgRGTsM0pu5pQmmuwcZD%2BdkahUsc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c6818b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPJ%2FatdaeH9ieQTi6cIvg8yiz%2Bg%2Bb%2F3kN6Xu59MduQAEOlBmGlHjh7YIkBQ4P6myCgIwo0VQgIhX8nSc%2BcQzlfiqm3AqyxFQinEsa2qALM2ulW9niqjgH11K0AiUrCs3pbX7QzQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c3d67b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/templates/rt_vermilion/css/systems.css
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/templates/rt_vermilion/css/systems.css
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
GET /templates/rt_vermilion/css/systems.css HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4wugUiFBPr2h1pN6K02kNXZc2mhAHX%2Bjna%2FBzyIyvsxVHVlM96QnZ%2BO5NiouZ4%2FjOzaqXKIq039ZzYCv%2B0%2F061K2fE2%2FIlNXUFiGre%2Fdov2072lrAMlO6uSd5VKc0jeJN%2BNSqE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c084db529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
104.21.86.10200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
IP 104.21.86.10:0
Hash e0e4b1426b3215295e18e962a7d55f92
05ea8fd2d6c296a08cfa892650b84408ff473e7c
7551622c8e60a0bc7ea9f97ec1d26e7706618d171b4edc99ed8276872e231970
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:30:59 GMT
ETag: W/"5c125103-38f9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1460619
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5iBs4KbkKpLpzV20LRuL6mbDyNtxtSKZNCDnNnhqTHttY9zeU094ua9f0inLPF04gklfTjJTOqZfA2mYi98RZDw2rz6XjLCc6Hs9UH%2BKAGI0ypeRaB9dKKe4TgWPi03TdQXuqU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9ccdb0b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
104.21.86.10200 OK 2.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
IP 104.21.86.10:0
File type ASCII text, with very long lines (6091), with no line terminators
Hash 4f4a997bc181498157d148ba9b649949
87ff26f8385fcf11c28fcc40c2e5619a8138f44d
fe722eb1adc5eb6c3642f87ba188bfb0b899130719fd73381712d6d710d3ed4b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:10 GMT
ETag: W/"5c12514a-17cb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1562044
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cl7X3XXW2kZyxEFDl0TkAjCTN1USVqvu4akE%2B0RsGGWzuMJHAhgXWFiLVw3FiEDwLQoniBLU6YaM1hvE26Saql32277FEEsbFBGiT7GBzz9jWB6wULrQwSUzpqrGLT3Ertmgio4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9cd8c6b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPO0mLeOEQOzPbaXDyH0Hahf%2BmEg0Pd2L0QxLPXTePgqJWDELYdcrLLx0dj9YgdfbYDM2dYKxJO7%2BvdCQ6dk13J1vDpHq%2BxOEGThAvGgn0MyQqWbCFZjRmnOkWY1OfPDWuuuZoU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c3909b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/edit.css?ver=1553000026
104.21.86.10200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/edit.css?ver=1553000026
IP 104.21.86.10:0
File type ASCII text, with very long lines (390), with CRLF line terminators
Hash 36d221b51828ef8bbcf62f1c250ddeba
8276b7312f88f9e7d66bc9f68deb1ac29e7eda5b
ebc9fa2711b97b9ae51a1e8bf173a46a74007041bf642614685ba36dda0717f7
GET /wp-content/themes/casino-theme/css/edit.css?ver=1553000026 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-eb2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S72fe1kleV%2BJc56FVqgf5eKdHpVnnjDLJI4BJPBHMZwChaBXcEkNglW%2BfYkPfRLO%2FjOH4BQiYWMUU5FY6ItencA0uDZ0C5D%2FH1fRllY%2BRHdd2Pjwglxom9nJEbEh%2BFiXUYRHz1w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9c4abab51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/navigation.js?ver=20151215
104.21.86.10200 OK 1.1 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/navigation.js?ver=20151215
IP 104.21.86.10:0
Hash 8da166d76095153623e6bb934ef7525e
e5d0c5d545b3552dd5bf200f29e8f2c8e77ab221
56d5b07b11a2624298632471d166c6197da8a64a9d85d412efe32cc25cf8557c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/navigation.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-b97"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1458291
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2PU20hrxuqbuR9C1vcmCjg9bbebAooLEJQMY7UT5o2ux0m%2BbLVjsPzyz5q8s%2FXydotsAbUdD6Ot8vxsCivuGTgKsOb4PhhV7rzf2y16GuzwsEv3gRaQPNgI0WxuufaizKeiRT8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d1ddbb4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215
104.21.86.10200 OK 416 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215
IP 104.21.86.10:0
Hash a58187e217f4b2ee9cd10e8954eda607
49f6e0418c24f410db3a8c8681a7d98455d15e9d
69bf8d27242351ec81cf610c4d994e047c2ab1b5868b9e252596eee0a3d6d278
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:19 GMT
ETag: W/"5e4d7303-2ad"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 2314629
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2iJSDf1eLoKOg7G9ETHbn8xPPDlgPHg9fRSlc8gGDhXMFcGrKg5OHud004kBTZXc0cr0V6Ter2RN7ESBlNnDoh%2FpIaJd3y8mJXZkiuzWDME8vnAI7HCdbqVRWHhIrkRSQiQawA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d18e5b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215
104.21.86.10200 OK 21 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215
IP 104.21.86.10:0
Hash e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Content-Length: 21
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: "5e4d7302-15"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 2314628
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQ7H1Vabfx9auIVyPAWzxjFsuvPGRcPkXZwhFCotBcdQ1fuyjpbqGPWwLXMaOhtdsitMXtsUbnmV83m0WTBNWypqHDFLoM7JzWguZkV7BGNQ7AlWawh1C4UsZD62uuwDF53MUSM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d1b37b51d-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-migrate.min.js?ver=20151215
104.21.86.10200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-migrate.min.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
GET /wp-content/themes/casino-theme/js/jquery-migrate.min.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166358
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmHbQ1G0TP0k8h0vjF5iyYoLL3SZWwKW0HTNOApj91tE7IhF%2B4iYD37szmQLrTnknJwctxjPiJpbx69t45sDsj3JMFUpUnUxr0mBIwTO5VVVU4R50IrzapgIwmGLLxZnCVaBreU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d1de4b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215
104.21.86.10200 OK 34 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (32077)
Hash bcf328167425e857c585773a83f0a9f1
5bf83602f9bb9607edba90a4564c8aa81e09c291
994b0b39c149e2a731357570951341f99d2f50cb1c7e1588e8ff30b665d4136e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-17b8b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1581384
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzfRGMVrwPafJtEgiOLaWGa7gCWwJHrn8r%2BNm%2FYL0qeVykjp60XW%2Fe9HxoxFjcknFEkk2z2JneiriHW0wWueVZLXPVATbk%2B50P90JsFIoWXPyXF%2FxV6oDw0Hc5wg15Xj3E15yRs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d19a3b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/caption.js?ver=20151215
104.21.86.10200 OK 334 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/caption.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (413)
Hash 67dcbc30fcfad1892362b21170522298
3ff742e04689a2cad78f844f1b76d457bdb72ca5
81c52b778cf87c87d1569c8fc4229d226eaab8e86833d315ec48b48be074fba1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/caption.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1eb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 2314628
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEZY5eiGOSKDxkU1HyGKgGkpO18csA2H7Z%2BWj%2FC6rEZ9UYznqh%2F3DVMjxa52EQCpn9E8G7KMlCW9As6LAwNna4CZW78hEC4wKuFEdCTwgqaOpXhx%2BVjRhTzQVomjj07vUkGY5bw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d28efb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215
104.21.86.10200 OK 387 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215
IP 104.21.86.10:0
Hash 5b2eeac89cca9a738e26f2c45ca3b316
d3656cfa2054381a5c75c1edef82c379d48a46bb
400e83ee529ee06858a97b364dd9d9db8a65febfafab9334c602dc37cefdc016
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-397"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1458305
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H42gdOB2PBKK2pNozovMFxPZFk%2FvthEvD4DKlL01hP8%2BwTJss4TKliGYL0CmDJsdkY5QoIKoxMTZLCnTP73aCV7PrVh9yKB6vsJMu%2FgpGB5TQo4tKhccvCf2uEJMto0DkQmAro4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d2909b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/core.js?ver=20151215
104.21.86.10200 OK 3.1 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/core.js?ver=20151215
IP 104.21.86.10:0
File type Unicode text, UTF-8 text, with very long lines (7693), with no line terminators
Hash 645f05a74c3c52b4f27a5b44c794fa18
aef324d8d1e2faae36686e6dbb12bcfd080c90de
186313e5cf49316a4816403a527482e2063027ab8711b2f7e77ee5d4c4ab83b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/core.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1e12"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1460638
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NokUYoNbA4Go8G5KGI4TKJj6%2BZw9C%2F7qsoSRTXm6KrnM%2FJgL5T3UFZnkyuIYAYARjDiBGqkWJaHHmKB0X%2BCY3Ja3gN8njF2tzLfjvuD%2BlVGbY%2Fvl427VIIqFzbAIBRa5s6uCYHw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d2decb4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215
104.21.86.10200 OK 68 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215
IP 104.21.86.10:0
File type Unicode text, UTF-8 text, with very long lines (2903)
Hash ae2d2eb322f5b11a8cf9b87e102212c5
7a27aee33f8cde60c36ab776156e4816aa141ef9
dc69b934843a0073d6b6c1125536775cd92a41d21ce2160a1ed2d7cfe1de490d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-39d19"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 2314628
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVSJl48vjdOjKh9%2F%2BNJqheAooPc%2BN35HZQu6DEmbyLDdqnnNLf5rH6wywnC5XgtOYSCaJMhsTbE5d5rjLcVy%2Blu1ijxis1zconoSpBiF4NgGG1iwuCmB82a2voGc0T9a3k5Di1A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d29b7b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/chart.js?ver=20151215
104.21.86.10200 OK 4.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/chart.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (536)
Hash 76ee9e365261a3cf2b0fd565d601b8ef
822164a3fb51ffb55a5c3356f1a79a29df58a600
264d38df92f6e62b140f92c260ac96af2e210429c40d7b19971313cfccd77af2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/chart.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-4d31"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1581374
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9HG3l9a%2BLuTbg8qS6KkxsmV2s%2F3u%2F%2B%2F8vt%2BAsVKp9BJNldKxhQF3eG4O3GPrkeTEmiebnrtNekfq02VTGCk6LPuFIY3AsImoip7YVmCGQhqoAAuWsJtNeG0cvkSg%2B4%2FLZrWTWk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9d8b6fb51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215
104.21.86.10200 OK 187 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215
IP 104.21.86.10:0
Hash 2b2ecc6023c34d28dcf10a7b57cdf412
b5dcb37a2e705625537c8b2c62cd2ad96114fe5d
c95d89cd5045462341bd479951e46f511bc198a007e1c3c2f701d3da9d754e7e
GET /wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-ff"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1581387
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfqvPmJWFWeA4eRpeUtyAg8goXrorAs%2Fr0QndCh%2Bb5IE87FRxntPM5y6II8G0IDXwGdNPYdsoMXBlHwVUtiebkjfNZsNWUEbfHbx%2FYrqDCKSRnT1zwAiyALCtOqo3YvGQ97WubM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9da943b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215
104.21.86.10200 OK 1.7 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215
IP 104.21.86.10:0
File type HTML document text\012- HTML document, ASCII text
Hash 5da0e9224ce987bb2cd10033c191e565
1c60cc73f9cde5503fd2823b47f55bccdd4a2a59
f4742f7e683472498056b4b5aef824a8992b398b82ef5dd8f6fd07e7e423319f
GET /wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1244"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1460617
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft01LlPxGk5Ma%2BFtloSk7dP1eNaS3e4KVP4xs32XDqAUbKNYHOBN%2Fp0U75DWREGauANExBDaQ7Nx%2BbzkGgs4Qlj1NBSQTuoX2pmgQLhFRD09AfK6mL08p5HMff3mtuDTV1JQEZU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9da9e6b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215
104.21.86.10200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215
IP 104.21.86.10:0
File type HTML document, ASCII text
Hash 6c68a1ba6ceff473fc314ec07549d028
f242990a422188eddb1b50788f9dfc440001d4d8
fbb5edd301249c053007eadc8e1baf934937b273438beb9fe123984e4688499a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-bc7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 2314629
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nafQLPwxa%2FjJ1tH0Chw5VJVVWMm72SPKfT%2FeZb%2FcKTIzKjRXd9e6J3hXDLRzVFuqjhPaRoIQBU3Vg6c0W%2Bk8iMIhNBMNt3fy8bz5WWwT%2FwO58K7ow2ID4z%2FElqx3gDQfuH2Ij%2BY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9dab8bb51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215
104.21.86.10200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (324)
Hash 7adda2b653b829227d343abe1311494c
ff506aca52274fca851f381bd2a2386fd40da4de
2c43bcafef1aee5b49d272f9fe89b0c2c423748e3c3e2f9469d6c7ce64ad9187
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-c12"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 2314628
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5Aker8RIidIx1jNXN9CafCDYKVbOg9S9tg4aFLfdBzT%2FRhQYMZO1Usx29UVtJFXJvgpULjLoSy2lX99fUlMfgqvVo9MgdjyHpud6%2BUFpS5%2Bqml0ymQqLR2HLg%2FYjvPOiYBk3GI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9dde46b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
104.21.86.10200 OK 5.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
IP 104.21.86.10:0
File type ASCII text, with very long lines (12815)
Hash 856be0bcf6f83bda23869b9d928070f9
78ec42aedab08604ab3f9d8a5f604756f160cca2
8b9fa2f42ec45e87a0c573c35583a1f17e99c7558651576a09fe82b0d38eae05
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:03 GMT
ETag: W/"5c12517f-346c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCWsFRah8ZLdKXAznFqPEQVtZlv20WRsYPLmSY56g91IbvNgNmZk0CYMo90QJlXj%2BAKUv2Vkvu6VpGCYYCPI9TgNoV0ZNPU4AzCwCorXlBOSM5SkN5ERAKB0%2BDiguSzdBT%2BeX20%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9dd9f9b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
104.21.86.10200 OK 651 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
IP 104.21.86.10:0
File type ASCII text, with very long lines (909)
Hash 96f627e7798c9def04ee4b1e7714ab6e
4448490e333c96bec60f73524e3cb31632975283
b4beccacfc6e0c0dd3d311c6384ab0bfbd19431e8e83241b82bddc7d31ce7fa4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:03 GMT
ETag: W/"5c12517f-473"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7Xnr4ytKjgWj6dLvb3YDZjmN6zs%2BRs1SEdIDK7jgA6jSdNG7piU%2FvY7jSdwp%2Bu1uNchGcEpPt1img0slczRFHsw5TVmyWX8ZOfMdxMgZYYQ9cOqHE3CeABoV74%2Bfduq42GM6wk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9ddb9fb51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215
104.21.86.10200 OK 6.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215
IP 104.21.86.10:0
Hash f3a8d2cf6a5f3c5c972830ad06462b06
04b63feeaf2840606fc82d86f48596b8733d8bba
8ff52ba129497b1cc4827635f0c2576b8af2610d08fb296faf2524cd1492d415
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-8521"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1460615
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H72ovXcomHMjAjwLGajAxm7i0TcBfB305xVlowz9YkjIASUzXHo2cL%2BQ8TK19JqYkGNEs7L%2BSBzzu2W1S4Q1JxYc51Xt0BaQ7gzyRY9prmZ4IOrFkOAPNxRMV5CWEFqAEgIeoFw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9dd960b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107
104.21.86.10200 OK 548 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107
IP 104.21.86.10:0
File type ASCII text, with very long lines (1087)
Hash 72091825ef7903704f9a7eaa0cc1f657
c89609424b128d042711f6a056d6b3b657dccc52
08c73ef9e50d21576593c091ee035966ba02ca5232d71fed2bb5d644cf3a4275
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:34 GMT
ETag: W/"5c125162-465"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 2314628
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13qd%2FAgbCo59NF01KoEQ81jg9VBkdaAXieTG1vSUljpR1iCSUZcBDVzJ1M3ngCW7wV0AY8vGS7ZEqkIeZWTZaCXENtqDBkCcdV4eV772xhnA7jsbRxgHlXJhsqijU1mGES25%2Bm4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9dde48b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/wp-embed.min.js?ver=4.9.8
104.21.86.10200 OK 756 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/wp-embed.min.js?ver=4.9.8
IP 104.21.86.10:0
File type ASCII text, with very long lines (1398), with no line terminators
Hash 77ce65aa27658b26944312e742e1d204
952f595220a39db2f6c8e65c648fa6b1ecf92024
277851a5b1d095133da0244edd6952c2f6fe5ec1b25633812001abb796681616
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:17 GMT
ETag: W/"5c12518d-576"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlGXqjMFYpZwc78T1wE62yafleWAeikKtgwvnvJvTIR%2FiuQY8dwP%2BGl5qAkG%2B6HnEFOhXuLV4sDe0P3a9dOT1fcew%2F1DfjksC2XNq4qZAp72gt4HhSxNt9avwSR14fKW5T5LF7Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8a9dea01b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16860
Expires: Sun, 11 Sep 2022 05:54:33 GMT
Date: Sun, 11 Sep 2022 01:13:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16860
Expires: Sun, 11 Sep 2022 05:54:33 GMT
Date: Sun, 11 Sep 2022 01:13:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 22:14:30 GMT
age: 10743
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd709702d50113aec782e45bb5ecb2a8
c5fcae1c388ff8f44b9e47734b6b65fd4e0fd856
0ec10618a7f2f77cd339e9d1b4e58d29c1c9ad1575f434c813c1d3014c90bf76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9990
x-amzn-requestid: 712405bf-0677-4711-bde0-8040561267a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLlngEY0IAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae963-75feb6255b5cf4fa51ba7d54;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:21:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LMS65rPhliq1UWuz823twST0_lBxm7VrcLy28tOMTvCm85TsR7OVCg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 14:30:06 GMT
age: 38607
etag: "c5fcae1c388ff8f44b9e47734b6b65fd4e0fd856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16860
Expires: Sun, 11 Sep 2022 05:54:33 GMT
Date: Sun, 11 Sep 2022 01:13:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16860
Expires: Sun, 11 Sep 2022 05:54:33 GMT
Date: Sun, 11 Sep 2022 01:13:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575cbeea-0492-4077-860e-f45cbde03214.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575cbeea-0492-4077-860e-f45cbde03214.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74325b22b17ccc8fc436ee168025db8a
5d9988e20cc17fe6d1e039245e6d3093d828a5f3
8c96153bcbb763de99f8880b5bade68d90f88cff57b8d5218bf209f5d582574e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575cbeea-0492-4077-860e-f45cbde03214.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6481
x-amzn-requestid: ea2eede0-9777-4af2-b5c3-71f4183e8ffc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqeGcyoAMFajw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f30f-72e823577e73983d407fc0ef;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OMxua15pFb1lTLQQeF0JavYDqnZdSgJb2ZJGg7fN2lWcvf0dA5lE2w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 09:38:12 GMT
age: 56121
etag: "5d9988e20cc17fe6d1e039245e6d3093d828a5f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mNvNO0HJjZ1zwPKcjfqiVOnCL0CYXc8BPDSFbV6MXVW71IVt-2K3mQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:54 GMT
age: 12399
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fea5dfc4a6a5093fd81899ee4a79d446
c893d7475856809a59486e0bcebd6d662d1fc56f
915fb97690be97d97cb298fc60ceb4cf7c3ed8fb437836beb2d590a8e238363c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7017
x-amzn-requestid: df5e57d7-e54c-4b5a-aa1b-a9aee889842e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_Et0oAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-50d15bba03579a935342e22f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LsqH-LbjMGWrhYB93Qkvq2qVhqNs-3MWgrrOFzC8qPcY3fF5ujSD_g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:54:44 GMT
age: 11929
etag: "c893d7475856809a59486e0bcebd6d662d1fc56f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3d8bcb1-416c-44eb-ac9e-6196bed61280.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3d8bcb1-416c-44eb-ac9e-6196bed61280.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0119f7d5458bbad12e972d04221e49ea
f05c46d74d8dfdd7fee763ec1e80e498399fffd2
eaefac45720584447a601fd90300464fbca5092117a670ac73be3b47884ba7fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3d8bcb1-416c-44eb-ac9e-6196bed61280.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8005
x-amzn-requestid: 63121855-7f9b-4c3f-b9d3-0c3bc06c700d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yx5HN3oAMFxxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fe72-7edeec96509ac24b442836cb;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:12:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MjYVR_YRfhLgchDlWjHka0Ggdp-upZ10LFrJSMjtVnsGe4oqxSnepg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:11 GMT
age: 12802
etag: "f05c46d74d8dfdd7fee763ec1e80e498399fffd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/uploads/nomera/temnyj.png
104.21.86.10200 OK 16 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/uploads/nomera/temnyj.png
IP 104.21.86.10:0
File type PNG image data, 300 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash afe778684379fd18d59715ee1b3f8f0b
641cff282743daf6c12935fff6f60f5b2ddeefea
c34f1bf88aaff57831c76aa6d8ecef3811670ffb7a211deadb1481ae21329b01
GET /wp-content/uploads/nomera/temnyj.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/png
Content-Length: 16067
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 17:59:56 GMT
ETag: "5ecffc1c-3ec3"
X-Cache-Skip: 000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AymcdW217jMxvYGywOWuuNpvecaAXD3hkDr3zM0niCWoR%2FWXdqQ9JyTDkp%2BR3fwR%2BhwMCrG8TkqyPWym48KxZ3uI0BgDpP4vDvaOyJs3nEsWc7Cdd40fGZ4eyBqjLT60I4pwIIw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa0bba6b529-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
104.21.86.10200 OK 4.4 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
IP 104.21.86.10:0
File type ASCII text, with very long lines (9118)
Hash 753d9a1cd7cc47e65c8b7c21543b1616
c4d57275c339b3b8df1d24124bd10d0926b5575f
8a04b00f98848434b8139a8cede0c5bb33334ea3be64ddd3bfae16977b396a6d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:18 GMT
ETag: W/"5c12518e-2efa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJIxVrqQpH1%2FphMIBuLL5nQeTkICBbrczFA%2Fx7yf2jJjVHl9rx0TKOTomXjj2uc9HZKOxC6%2Fsr2rwzG2LXMVs5JuIOixmoJaExm7xcz3ULTP%2F4c0Xq5mjN8aSrlpZGG4HBgMAzM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa11bcfb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLSxJVFTLxd30kZoXfvf8GnKRaSxoAAK%2BDpwmJq9xvjWgpA7xgCwhI32rCq%2Bf5ZjOTqxnp2mbOGuevXRVgEFQYLWMcvPkIF9A7SKpqYfK1eQ6IYkBypPf5HP9f7%2FvZeiU38mPLg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa12bd3b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoOf5BL1XTyxnFmUIeAC9WJ%2BoVku2nZZc4rj48cIRgwWAjr6hPSMPP33qoSVZnncgEyDsaLP2hQ%2Fu7ZCt1hljXOfRWWceMEXy7%2Fm8HYLg2bsd3TroDL4O7jMCEClq52%2BMpxkKqI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa13bd7b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png
104.21.86.10200 OK 15 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png
IP 104.21.86.10:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 464b73a2f6a9663f96380be90087ee51
8e2c879dd21aaf4a9237168483ecd4f229fcdeec
1ed3a52831e8816fe8a7af982270c84b8f2fcd24b2b05991a2ef8997e4409baf
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/png
Content-Length: 15070
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:36 GMT
ETag: "5c125164-3ade"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH1obJREH%2F4bv6GIm84oZVnQl7dftaJCOTlyn4VUv26dKF%2FhENRQJgiLdKzR4OUrevV5GanNi1ZNsfBaVKNyvG8dBcniKAYjW4iPvutZTN38zUhxY6Ban8o2RbTrEythUa6wrlA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa13be0b529-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/29.jpg
104.21.86.10200 OK 587 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/29.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash e5e275bb04b3876eac5d166fe0f5a668
63a64349cca0ef32e6f73f1da23ff374dd46168d
c9297ff4faffd53ce24755fc22aa4700e5d0969bd84d01c4ec7d3b38a09c17ef
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/29.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/jpeg
Content-Length: 587
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-24b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pu92GylZMCMq2htHZaJxZXDW48cf9yF0r60wOC0gkpH9c%2FAhkn9%2BiNYpPEOeiDLy9jXsQyedz%2FQUt5ohtuIyyrade4tFdQJsU1ZdYrLDf0kBSBCNC6o2KsUueeuRL2K4ZjhlW1A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa0bb84b527-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/uploads/nomera/belyj.png
104.21.86.10200 OK 15 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/uploads/nomera/belyj.png
IP 104.21.86.10:0
File type PNG image data, 300 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 091e0e46fd55e28f3913afb54c502107
1fb6f99e7e106a1abdec2946f3bc8574ab8dd67a
be317d51545ed22c532dc2c0b2439e9b022b956672c6a7104363f7502ffe1de3
GET /wp-content/uploads/nomera/belyj.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/png
Content-Length: 14994
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 17:59:56 GMT
ETag: "5ecffc1c-3a92"
X-Cache-Skip: 000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTvl%2Fm9N6f%2BIzSRGWiKMHCPFct5YrN4SG4vaSB2QRhpXtJXcggUF5mwRVd9ll01j9ibJz1F9amUYCI2dFuWosVqLIlWFWqzyM7R0rQvBxd81x5p0TOz4RSHKgvdzIZM6N%2FFTbo4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa0bfcab4ee-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/27.jpg
104.21.86.10200 OK 4.9 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/27.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 231a258b9fbad6aad7e9e62174d47d81
3b9dbd8f2d318e618214a64a20f9ccfaf2857be3
4c3c7cc821c704381ff95b438cb9999c413fff9e346e98f80396e59055191f47
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/27.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/jpeg
Content-Length: 4911
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-132f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkonHEPwa3Tg2svK1J7HsbaDiMqRado4A1Tzcuf1BcNaToIUVIWYB4VrnT9UC2x0qP6fuQ6dMqAg%2BXpuCSfwKeW%2B8YYL4DJLemp%2Fd57mYDpnWnCl%2Ft36G%2FU%2F9uiYmLEp2L8EZVg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa0bd2db51d-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png
104.21.86.10200 OK 18 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png
IP 104.21.86.10:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 8413bf6f1dd2223f3be09256f755c682
2f99d0744f451d7d631fff57510c99ef5a0cfd15
bf75418f7c7e4e45ba7c9ef9e2f0ae766660e4290022bbd91ca89116a8111bc7
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/png
Content-Length: 18310
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:36 GMT
ETag: "5c125164-4786"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAoqW3sR7s8Um9uMtGqRxlv6dls9qUEe2eM8XTD5gZs9Dtjk07zGn6AJTeYbPgBqtNO%2By%2Byk7gCPUEwWfCXgHzj8BbFLkZUOPmW0LGyHxrEzNiVRPgV%2B5gFly4O66kwH3jzxfe0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa1781fb4ee-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/3.jpg
104.21.86.10200 OK 1.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/3.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 1e196375ebc7ccbfb4c47aeb3734c109
1bfd1466ce267bf0bccc357fdd9e0d3a315c6532
1b7185720d91ae5783fe3b1825bda551f4358b223fc086d19cc1c8f98bd9dd50
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/3.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/jpeg
Content-Length: 1027
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-403"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3f7BoY4DJMnHZixPzrG%2BZWUSL5sgNA4Lpo29u%2Foxvm2tpEIEduijSZQmSrKsvQBuHnx7ezhCrS4MnFuv4ZpCMLaEbDbkTZxs9UMrC%2B0AdatTeRzPBzzcVb%2FkoL0tP7C3zeZ1QE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa17bdfb527-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/18.jpg
104.21.86.10200 OK 4.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/18.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 5c16bf762666704ce04c0084061ec888
3d705799a2052a813e2dd43851b54c8e6542dfd0
94f3aef9439b20dff384179a634d118e0356636fdbd6cfe5b29d6f6072778a50
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/18.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/jpeg
Content-Length: 4241
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-1091"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfzTIknsO0THoVNpm%2FYCoxe%2F3KHXL7cezSbPkjBI8KCrMYGyE4bTKOFtfqcgjuFUNnZ2GskrMonaM0yFkDDXdErgrk%2FzJ7nNQWvzICwnKsDvmINciH1gk7Fkaw6yYHBFYEQvIo0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa14beab529-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
142.250.74.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:14:35 GMT
expires: Tue, 05 Sep 2023 21:14:35 GMT
cache-control: public, max-age=31536000
age: 446338
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:27:53 GMT
expires: Thu, 07 Sep 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 279940
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/11.jpg
104.21.86.10200 OK 2.4 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/11.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash ddb3291245cbaa55790eb36c4093c550
1c929680ce99a6b5873ae960f440ffd7c46b0451
a15e780363a7c54e554c724ce6f3f5e93323562837f3db0d86b2947c03af8698
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/11.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/jpeg
Content-Length: 2403
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-963"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWPuLC2hnS3tyxSHoIjpEfewKZ963yU%2FQkljDKUtF%2FDnSl5RwhEXEY8%2F1r84iGdJGPa1jW0%2BIAy0x0Edb8H4xmvoEibWVl%2BSSoX9JMRnTJ5ChmKYfq%2BIm6UEdedzW4YQTc%2B4iS4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa18823b4ee-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/7.jpg
104.21.86.10200 OK 620 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/7.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash e7f0569cccaadbe70191c5088be58c83
b858efcc416bfa1268e528f5fdc0bd0c7ad7e2e8
57e31120d8eca1a025f163bbc7f6e1829e58e2d905d876581ccbb8dbe92a0ce5
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/7.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/jpeg
Content-Length: 620
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-26c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCUdTrxVZKULnAjzxAIpO1uW62IAwiqRdmMBF2EXlgLY9MGySdkv7nYXDl4zqEJDP1AXeuh%2BbxvvLGxfgQhNCg%2BH09JDN7NuPP3z5iX%2FvcbxLMCyF1DHiCgdaspWeMQbP5QSy3k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa18beab527-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png
104.21.86.10200 OK 20 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png
IP 104.21.86.10:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 93551a3aa448b291fb298c65875cb86e
b215ea724beb57ed1d73290d86189a384878a629
becc186aefcbbc15ac415d868dedfb684539a2e97deb52fcf6aa932833d52185
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/png
Content-Length: 20026
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:37 GMT
ETag: "5c125165-4e3a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166359
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxjKVS1XVatMdXNCR031dGTG32nreEOEiCtwI5M7tG9FAwj75ZgCXb4ajnQuRbHbqvEcHDihDALpOEa3vwpu9K9Zcvz6LjY3mvNJqleix6CxjXlXhX%2Bs44VhOlOXZlCIzbWPjOU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa24c46b527-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
142.250.74.163200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:27:54 GMT
expires: Thu, 07 Sep 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 279939
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
142.250.74.163200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 29928, version 1.0\012- data
Hash 609bea65e2bf8ee9b728a85a8f1b282c
a0d2fbcf012e6554fb8cb182994ec8eb744ab65d
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:39:25 GMT
expires: Thu, 07 Sep 2023 19:39:25 GMT
cache-control: public, max-age=31536000
age: 279248
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
104.21.86.10200 OK 14 kB URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
IP 104.21.86.10:0
Hash 05a60b945e7a9243465c60f1efd52c56
c56040f88dcfe408c10b6e7553b563363f5265d0
a4a2243f07c2f299b5aa0c69fb1e53772d81136f0b25729c13b275a05ad0e488
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUju2kZbwFRKCnjX%2F7eHOVAgta9k%2FRDesCf76qxopTzEzbPTrnHqcUvHliFNwrc%2F7lRKGV1fYsKXPeY6ZXmpGiMdKwaO9zHeT67vJILR1O3iRUQLusfX0U8%2FAlJg2ei3my%2BXx%2FU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748c8a9ca843b4f3-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
142.250.74.163200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28444, version 1.0\012- data
Hash e996a4db02cc36705ce700e4b5d06b3a
c5fa1dff68d7d83689f58bc498caea9041cf7b75
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
GET /s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:29:11 GMT
expires: Thu, 07 Sep 2023 19:29:11 GMT
cache-control: public, max-age=31536000
age: 279862
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/13.jpg
104.21.86.10200 OK 3.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/13.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash febd51c7779041243414fc9fff39034b
b5383e5aa3d8f71b89487c297ec253d5af55db96
1ca09ba179d7b3ae0c784a9d4a8def137b8f717d011b2532f7a9f6020c972018
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/13.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/jpeg
Content-Length: 3532
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-dcc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNIIoGXYkG%2B%2BvvRE5R4nzHFB0TjfspOCt4uQooMEmSs93mhXh25qEln7S%2FGrIMof6%2FJhJM0AX6zZWg3lzLXpaDhQWBfMuUuuP600CHE8p67f5KnV7grs%2Buawwf8NyXJLE45ZwkE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa23c5db529-OSL
alt-svc: h2=":443"; ma=60
info-personal.ru/wp-content/uploads/2014/11/lichnyj-avto.png
23.105.254.4200 OK 42 kB URL HTTP/1.1 info-personal.ru/wp-content/uploads/2014/11/lichnyj-avto.png
IP 23.105.254.4:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 650x487, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1688700b1dc161457e0fe95abf42f5fa
18b2afcd8ce4b11840e2d0a7379b5c62391be9dc
f807bddf0aa711a38271fac03ab1f748a9588e1c1f1c4cada0c3381ebb5a9648
GET /wp-content/uploads/2014/11/lichnyj-avto.png HTTP/1.1
Host: info-personal.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 18 Sep 2022 01:13:33 GMT
content-type: image/webp
last-modified: Tue, 20 Apr 2021 12:54:54 GMT
accept-ranges: bytes
content-length: 41744
date: Sun, 11 Sep 2022 01:13:33 GMT
server: LiteSpeed
vary: Accept
x-webp-express: Redirected directly to existing webp
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/1.jpg
104.21.86.10200 OK 8.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/1.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 2fcdd04fd6c19fc6f0eaf3ccf4bc1f9d
8cd8f3743514c1a6b8d65f3a6e1885da14426c20
db5cb1215481926bd9f2b41c1812034ee4a53aedbd3229e7954720a11fbe5056
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/1.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: image/jpeg
Content-Length: 8028
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-1f5c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xse%2B6RlTvRZsbf5mnOoX1y0t1kDTewvGzWqRHy8WG3re9%2FGqUQRNeY8VBB5rJeQzJnKwvGz4gvvhtydKi6c%2FlQ63v5yBUl%2BDc7Es%2FbFxqIOgTD7pe6bJZ%2BnrpXduE6Xyzx6ascI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa23881b4ee-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png
104.21.86.10200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png
IP 104.21.86.10:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 006849bd75bbbb96d5b1f5997bbeb52a
21ce90bf8bc0105fe13d635d5f9b8404d8759e82
56c87ee1e1a6878217897741f85a8048012b693a4cb6b03804a322d8fed02a88
GET /wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:34 GMT
Content-Type: image/png
Content-Length: 1286
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:34:48 GMT
ETag: "5c1251e8-506"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 166360
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueFQPs486bcZNI7UaAbVCa5z1iUy7crncByqAanpGgcMnOw5YQwm5a0XbPnw0LA%2BBXk72n1QpP0lWVm0xT6bzR766YosxO4sTowlKqFND%2Bq8FYT288unHEppmY3ym8hWX82Zb6Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa489abb4ee-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 45696
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/977792fa/www-embed-player.vflset/www-embed-player.js
142.250.74.110200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/977792fa/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (592)
Hash 7fea2163775a946d24f227926a203ba0
7eee7c5405181ae1d4b4d58f5ffb9adf896bde85
2e327a4c4dd232f389037424af74d8f8109c0c07c6fc3523f2fe16f5c5c0701e
GET /s/player/977792fa/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/PbO_tOHWMnw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97906
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 17:12:38 GMT
expires: Fri, 08 Sep 2023 17:12:38 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
content-type: text/javascript
age: 201656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/977792fa/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.110200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/977792fa/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.110:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/977792fa/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/PbO_tOHWMnw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 17:12:38 GMT
expires: Fri, 08 Sep 2023 17:12:38 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
content-type: text/javascript
age: 201656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/977792fa/www-player.css
142.250.74.110200 OK 49 kB URL HTTP/2 www.youtube.com/s/player/977792fa/www-player.css
IP 142.250.74.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2ff7dffe38ec4ee2b95236282ac9cbf4
b6940a9d6abceaca9a1334599c86e5ecb387ac99
0e38dff0d3a50af651a267c68cb9a4cf577863e67b0afd88a20e11f82335bb11
GET /s/player/977792fa/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/PbO_tOHWMnw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49093
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 17:12:20 GMT
expires: Fri, 08 Sep 2023 17:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 00:15:07 GMT
content-type: text/css
age: 201674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dbe3a0cdacad2b3866fd4934190bd431
969e13ad553587f1577d23125c6119e773a16c59
91dd0e187bc2576c0830567d1ceeadd3a106afe08622ccd6498fe0bdd32f4d4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/PbO_tOHWMnw
142.250.74.110200 OK 28 kB URL HTTP/2 www.youtube.com/embed/PbO_tOHWMnw
IP 142.250.74.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60074)
Hash f4c4dadd56d4e3f7a7d7fe155b0e06bc
7914d77ed8a080ad4715e6b420ddc8016f57c325
e0860e09b4c4777f62d8ae8ea998c0570e057ca3bc309455c004756408e74643
GET /embed/PbO_tOHWMnw HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 01:13:34 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=fjq-UIcafUQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=OZvRhdjO8HQ; Domain=.youtube.com; Expires=Fri, 10-Mar-2023 01:13:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+881; expires=Tue, 10-Sep-2024 01:13:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 00:59:23 GMT
expires: Sun, 11 Sep 2022 01:14:23 GMT
cache-control: public, max-age=900
age: 851
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 11 Sep 2022 01:13:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 11 Sep 2022 01:13:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1a2a4bd45f106f356391b9c04864c1af
f521fcd91cb70fa30156bb0cc2f6e05b922d0693
e8661c58278050e669044ec70dcffdc732109123bcbe65dd5e71c39c57f646b2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E8661C58278050E669044EC70DCFFDC732109123BCBE65DD5E71C39C57F646B2"
Last-Modified: Fri, 09 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4691
Expires: Sun, 11 Sep 2022 02:31:46 GMT
Date: Sun, 11 Sep 2022 01:13:35 GMT
Connection: keep-alive
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
104.21.86.10200 OK 41 kB URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
IP 104.21.86.10:0
Hash 1cd092fd6fd2c6e92decdd38991ee1c7
3693c2c8f38d0e1c828b6f87e5f459038deaffef
2c57be2fdc1bfecc899db1ea819d8308d28add1a80f7723726ffd59830e0cb67
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:34 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URc9O7hXcuqT3lJRV%2Ftjq0o57tmbfiu2CgrqIEg%2BDKzMbU3oO11gE6x%2BILFQRSTxhN6zbjV5A7mQG4Vk8ElckuUQ2vLvf3kpdjMbggrn3%2BNSQOb810Y89lCb7RSzRUeCYJ6ruQs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748c8aa17d97b51d-OSL
alt-svc: h2=":443"; ma=60
counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992;0.5003382708682367
88.212.202.52302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992;0.5003382708682367
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992;0.5003382708682367 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
HTTP/1.1 302 Moved Temporarily
Date: Sun, 11 Sep 2022 01:13:35 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992;0.5003382708682367
Content-Length: 32
Expires: Fri, 10 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dbe3a0cdacad2b3866fd4934190bd431
969e13ad553587f1577d23125c6119e773a16c59
91dd0e187bc2576c0830567d1ceeadd3a106afe08622ccd6498fe0bdd32f4d4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.163200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9832, version 1.0\012- data
Hash efe937997e08e15b056a3643e2734636
d02decbf472a0928b054cc8e4b13684539a913db
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Sep 2022 22:23:00 GMT
expires: Mon, 04 Sep 2023 22:23:00 GMT
cache-control: public, max-age=31536000
age: 528635
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 2d3956ea4022b593b0e54983293393b2
fcfed721d4cdbfea0d921f7945fb23eed79a90e6
f7843bc63983d52059d4fa29a0ee2dcfb9156e61d8613c98cdcf8c542c31d781
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 01:13:35 GMT
server: ESF
cache-control: private
content-length: 30779
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1a2a4bd45f106f356391b9c04864c1af
f521fcd91cb70fa30156bb0cc2f6e05b922d0693
e8661c58278050e669044ec70dcffdc732109123bcbe65dd5e71c39c57f646b2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E8661C58278050E669044EC70DCFFDC732109123BCBE65DD5E71C39C57F646B2"
Last-Modified: Fri, 09 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4691
Expires: Sun, 11 Sep 2022 02:31:46 GMT
Date: Sun, 11 Sep 2022 01:13:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da7b1c24eee0db0c23872933557b7521
b8bc1215b4073784c048587e51a40152bd88c8ed
6ba38b5c68971135ed3f1fbe7afa658ce883240142a4244ce7d84fa251a64c3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/PzKwASpP14dcK-4xI3W8wlArk1PaCxVzsebnznhuyzw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/PzKwASpP14dcK-4xI3W8wlArk1PaCxVzsebnznhuyzw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35934)
Hash f7485f2e71f406d30ff52095698b34a8
d9d15fda21d492235bcee9d738b7db04aad8e5f4
9f62a0d008d0517f5d0de5c67e03045714ee37312c38988b9c5c679d83a392c3
GET /js/th/PzKwASpP14dcK-4xI3W8wlArk1PaCxVzsebnznhuyzw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14059
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 05:03:35 GMT
expires: Thu, 07 Sep 2023 05:03:35 GMT
cache-control: public, max-age=31536000
age: 331800
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0
104.21.86.10404 Not Found 42 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (20374), with CRLF, LF line terminators
Hash 1da2a92096e0a88d29ec24159ff3020f
f9cfff1d2cf6ff4cf725c114074ff51c0e600f5f
b0f97816b838ef47181e6ee2ef2d747b0a2fb646395dd497f0d49ab9f43b730e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 01:13:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
Link: <http://kozbanov-lawyer.ru/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vp8CzCTMLlpFRLDgeN%2BCgEUmSuQeGijpOEMDgK8VWM3x%2FSFvuHsbXLZnRv%2FEhLy8p2NHRzoUZ00A9w5ys6sSIMQ0HkrqKsZqNGuUbRtiHvhUF930ZnpVa8TV1EYPrUqtq9bV0ZE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aa7bbceb4ee-OSL
alt-svc: h2=":443"; ma=60
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash b1e23f9716f17f5e89f938ad6a1f674e
b1ee3f07160496c9b074beddb471851283d3c513
3099a074d55ba698ebfb8f0d2b4c8f962ad99e8d582b8cdbafa1b525061cc4e3
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 01:13:35 GMT
server: ESF
cache-control: private
content-length: 30595
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2cd6ebfd1e23be524568bab24934694a
a30075689c933fbae2fe9afb5d2c3ae571a2ff8a
5390ff960df2676c47b8d00ba33b53756c0879f8bc4ac2a0328ea102411ee8d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-f_ITrJGazmMnrjrOtFZBSPAinOxcJ5FGzBMOE=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.6 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-f_ITrJGazmMnrjrOtFZBSPAinOxcJ5FGzBMOE=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 726534debb6963bf8089e9e873b17d12
ddfff5c3042bd9af768f2c21db1cc683a7fea1d4
ca1be3161999d8b2daf210ae1dbd8c41c7506a0c4fdf0b8b4d259f5d6fb1cdfe
GET /ytc/AMLnZu-f_ITrJGazmMnrjrOtFZBSPAinOxcJ5FGzBMOE=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3566
x-xss-protection: 0
date: Sat, 10 Sep 2022 23:26:31 GMT
expires: Sat, 30 Jul 2022 07:14:28 GMT
cache-control: public, max-age=86400, no-transform
age: 6424
etag: "v2a"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/PbO_tOHWMnw/sddefault.webp
216.58.207.214200 OK 21 kB URL HTTP/2 i.ytimg.com/vi_webp/PbO_tOHWMnw/sddefault.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 758afb640d4db5c195afc3b59d50d0af
59299512d5104f71c9690ebbc2d393757834e60d
05c42bf291958b40dd0ec019d516ea442aba386f4b2c694870c31012c2d0d26f
GET /vi_webp/PbO_tOHWMnw/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 20614
date: Sun, 11 Sep 2022 01:13:35 GMT
expires: Sun, 11 Sep 2022 03:13:35 GMT
cache-control: public, max-age=7200
etag: "1537790728"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/C1F9d9C5Hb8/sddefault.webp
216.58.207.214200 OK 18 kB URL HTTP/2 i.ytimg.com/vi_webp/C1F9d9C5Hb8/sddefault.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 35958c60c3c9b48db0256eb0a1ecc078
6c008f8497aa2b6d990ebe4e10e5a8899da10e1f
3ed3ed65df3aadc3e358bdaec08e158d076f0ebf38fdd5323fb18b8816a285ed
GET /vi_webp/C1F9d9C5Hb8/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18446
date: Sun, 11 Sep 2022 01:13:35 GMT
expires: Sun, 11 Sep 2022 03:13:35 GMT
cache-control: public, max-age=7200
etag: "1470043899"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2cd6ebfd1e23be524568bab24934694a
a30075689c933fbae2fe9afb5d2c3ae571a2ff8a
5390ff960df2676c47b8d00ba33b53756c0879f8bc4ac2a0328ea102411ee8d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/utTmvQI55qJpTSda28pzJdKhjSrktyUeE4o4FETYWqokg_uQMK4auIv3t9Pbg5Dilg7MiVAf=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.4 kB URL HTTP/2 yt3.ggpht.com/utTmvQI55qJpTSda28pzJdKhjSrktyUeE4o4FETYWqokg_uQMK4auIv3t9Pbg5Dilg7MiVAf=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 0c2706f5723907a9ef0aa54709b83b57
4153f7ecf8c301586ce02b06e99ac0a30d8eac2d
927c7f05f7b05a10d9085c284196957b488590538ab820bb03cdc1841cdea17c
GET /utTmvQI55qJpTSda28pzJdKhjSrktyUeE4o4FETYWqokg_uQMK4auIv3t9Pbg5Dilg7MiVAf=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4392
x-xss-protection: 0
date: Sat, 10 Sep 2022 22:53:18 GMT
expires: Tue, 19 Jul 2022 22:39:38 GMT
cache-control: public, max-age=86400, no-transform
age: 8417
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0
104.21.86.10404 Not Found 6.7 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (20374), with CRLF, LF line terminators
Hash a804865c7768b4fe486d16368d6afd3c
cb4c43157e130dbf5121318de63c641e7c94c318
0190abae1f59085769208f522eb170fd18b863cb7d58d32fa50a9bd42c71a613
GET /wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 01:13:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
Link: <http://kozbanov-lawyer.ru/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rig7NUiCXCIEY8p6aP%2F3GeugY3cAByL%2FbRlAtBSu9X5hhH4PqGb9yc%2BfQCSxJnRdzWCxaumXAe36YP%2BQXiMaNqUKyVLr0AcITrMHcToFeF9Jmt%2Fh%2FrlWc8VyG4Bg937EvPkVIE4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748c8aab4df5b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 11 Sep 2022 01:13:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8a18e22dca14d43550d9752386b6f23a
2f89f642028ceaac0e781b8451400055f2a96ff9
f0e4c2633b5216a14bcfe19e37d8767012680523174b86bfeb0817a46422be74
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1064
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 01:13:35 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992;0.5003382708682367
88.212.202.52200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992;0.5003382708682367
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 43af276eefaf4f8c43f9d1205ed559b0
0f538bb412beae5e68af2a10e782e681b0fc3a45
49f818c3bf653b785505eb4582687ef1b6d2bd0a208b6c975bba742c768bb91b
GET /hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992;0.5003382708682367 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kozbanov-lawyer.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 01:13:35 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Fri, 10 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 01:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
104.21.86.10200 OK 0 B URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
IP 104.21.86.10:0
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:33 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCh0brv7fI1x6PyGe8Rouc0oGZgFOixYnrVe%2BUNViYSyrrzWjHZidlakJJ4B4xosaXcWf1BzkeotOn71dDGJ79VVRqG4RIiSR7KqUWHPwfRYOBWgC0ZYwVbR0eVpk%2BXUD3aGXyE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748c8a9c8f56b4f4-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 01:13:33 GMT
date: Sun, 11 Sep 2022 01:13:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&subset=cyrillic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&subset=cyrillic
IP 142.250.74.10:0
GET /css?family=Oswald:300,400,500,600,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 01:13:33 GMT
date: Sun, 11 Sep 2022 01:13:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partnerforce.ru/widget/law/v4/js/loader.min.js
172.67.217.192200 OK 0 B URL HTTP/2 partnerforce.ru/widget/law/v4/js/loader.min.js
IP 172.67.217.192:0
GET /widget/law/v4/js/loader.min.js HTTP/1.1
Host: partnerforce.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 01:13:35 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 16:48:18 GMT
etag: W/"5ef383d2-f6a9"
x-cache-skip: 100
cf-cache-status: HIT
age: 4763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FgmJG7njrnD5mj%2B8jWA%2BBvP2c25%2BOJUN9S8VjILdrM3yUSwsPOwA10OfEE5sRiNC939VA9mOjRII6UMw%2FSpeyuqu3ldfBY3mJWZ0dKf%2BAqiqbgKCztiROCk8dzDgsnxKks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748c8aa9ebffb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
104.21.86.10200 OK 0 B URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
IP 104.21.86.10:0
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/putevoj-list-pri-ispolzovanie-lichnogo-avtotransporta-v-sluzhebnyh-celjah-51992
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 01:13:34 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcDbi3juvfwQsEv7EO9BeAwICbiZnSV1y7UGIjtj0iwR0W%2BI3qO1IirOnOEpary7%2FhU0XBxt1lk0Za14tYCVhPPz8KIPHY2YbU2dRSOzHset0tJl%2BSCHkY%2B9Ms1ea%2BqKH2RaiVw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748c8aa42d46b527-OSL
alt-svc: h2=":443"; ma=60