kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
188.114.96.1200 OK 14 kB URL HTTP/1.1 kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20374)
Hash c991f08c72585f718b879580ea50fb5d
a0a3e3b7e2861f38decbffb53d32a6a6b6793479
1fe887f889dcd12cb0b4a2849455fb9f8e97a5c1b7b16e10562f7f2f187bef14
Analyzer Verdict Alert fortinet Phishing
GET /prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Status: HIT
X-Cache-Skip: 000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiDZsjHIc939qG1fvTzrELSHVACW9p%2B6l3NlV%2FunfWiOizz7uf4YOXw48zrfkECVTHkS1CftIQ2nJSeusHL%2FQGMBCto0Ka%2BBM%2BnYwVR5ETKJ1sN1AvwbOlsdFd0w7ImlbPEJc4k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779b539aec601c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6086
Expires: Thu, 15 Dec 2022 02:56:36 GMT
Date: Thu, 15 Dec 2022 01:15:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b642ec5702fb818c5d1c67168cc68fdb
015146489a8e7fcb4ba0ba74cfe757a072705f93
4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3427
Expires: Thu, 15 Dec 2022 02:12:17 GMT
Date: Thu, 15 Dec 2022 01:15:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 01:08:54 GMT
content-type: application/json
age: 376
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6847
Expires: Thu, 15 Dec 2022 03:09:17 GMT
Date: Thu, 15 Dec 2022 01:15:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: to3IDnBRRFfWzKBJDUMrGER42+9L63Yi3jLHcD3HMWS8DQfk/lb0Omr1GtHCFVlq03/hivBYhzSy8t+WseWUFA==
x-amz-request-id: M5G4Q9FMPMG0J958
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 00:52:34 GMT
age: 1356
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 01:15:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 01:15:10 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1308098
expires: Tue, 05 Dec 2023 01:15:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3at7Xhlji%2BSvBs3oixMdNCX0fKS6JF346ulVsycdwoHnLduAp9BOFRDML%2FTFIPy3NoyxSpjiFdQ8FBmt64Nez9avvZTM9tmtU8oLfftDkRIhQAb5y%2BbWdARIx%2BuuZDovZJgVPcCA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 779b539d7b91b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/templates/rt_vermilion/css/systems.css
188.114.96.1404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/templates/rt_vermilion/css/systems.css
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
GET /templates/rt_vermilion/css/systems.css HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3URv3Fx%2BrfibocpywqpJmPU1p1nXFP0y8%2BAghkLOf8s%2BreO0%2Bpxrr71X5DWtqrJY0oxh0HC6E3qhIxHvuBu1TJOf6k0ERWnRZoEgv0HhBuN70lDF4BaD42rZZrKBQvo5n8aasH4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539d4ce91c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1
IP 188.114.96.1:0
Hash 71cbbc2b4b75d38fde4164930c4b1a5f
bc669826f776560c05ed95d509c6048a4e731ff1
c6f60ff63ea7e00e90f3db1812ab9600d24f17a153f923db3e5fbaa31ed3342c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-153e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MtIhlBu0zlxFUNBF%2BXPZgzeYP7TcOR6oKsa1O%2BbUzGiPwbM8YESgKJBBnTxWxfp%2BYtwysVGlETDdWalfzBqUkJWXA9Sx9of7t573heQbdTOSPrfvHghO7Sz1DDtrpCVn6vG1ls%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539d797eb4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
188.114.96.1200 OK 676 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
IP 188.114.96.1:0
Hash aed6d7df00952fe5e2c7c636649262f6
7d27a3280224fa23a11af27e6816ba0a49ab5d70
06c5b0cd3f5177c83dc46e5fa8aca26cd4c79f9a3a256cfd03352c129039fdf6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:30:56 GMT
ETag: W/"5c125100-6cf"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0idYsps2IPNReLyHGZFdmoBr2doeiHbvAJTVQy9Zf50TLP1jMm2V4BoSLSSoF%2BV6L8fu8moBmd2J%2B5NaTrcNE0Rb9RzuVciSpyvMlYrufPmmf0ki7YxQt8nXt9z1PdjQ7lf0Bo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539d7f76b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/style.css?ver=4.9.8
188.114.96.1200 OK 474 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/style.css?ver=4.9.8
IP 188.114.96.1:0
Hash 64512c3158a4553e2793a93d47c71224
51c04d04a577de6c3ebae959d392d8d49b906733
be702a318efa54999935c28540445356ecfbba55d3ffc14776ae15e92f3a18b7
GET /wp-content/themes/casino-theme/style.css?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:19 GMT
ETag: W/"5e4d7303-330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0zPf4eiN115FogylFV0%2B1mOrYjW%2Fu6OdaU9w87rkP8VfeTobzeC4zh6p%2BZGZAkCpjr%2FRnKoZ3OfXIDvDdExAq6EYXfeFR%2FNF79u%2B6Vr%2Fgv8gjRBPHEPVd61ZM0yvwnJx%2BtQxp8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539d7f950b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
188.114.96.1200 OK 451 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
IP 188.114.96.1:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash 9cbb12ded165859b75441a829fb683af
1e85f7bd7f0fa9dbc53157bbead5eb703c502db8
3dba212407392e05ef866072e63f519c9ef7365ea376cb5a8824e77726a6759b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:13 GMT
ETag: W/"5c12514d-484"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GBHhKq1d%2FTkKbjq8mc3mDPQhQlDr%2Fa7pt%2FRCREwYLzlYq3x%2FfyXOQPZpxejJNZ2aKo1ZpOTcM8E4wwdt8MsAAa%2B7N4PpsBlh%2FaWVtlyVznifkASlZ%2B49jDRdSEVySxGq%2BlgQq8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539d7e0fb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1
188.114.96.1200 OK 237 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1
IP 188.114.96.1:0
Hash 42b856f70401792ff61ce39f0d15187e
d89f7caec9972737f77b4d6effc214e5ddc6e8c6
498fb25e1b77547c448f19fbbec16747f9ad3ffede9e65af1df28e6b51e7c7c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-147"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5tO9fs2pGUlgXfwKqCuWw6YrLD1%2FcDKJ0BxAIp1FskxAqCwpOy1iTelVvxpxhRJyVWbl0OmF%2B%2F%2FvjEcCh8tQ8IRPKomZhPxESOGFklUGhCriSfPzx%2Fmi9Fhc0IEhMaVwygKtQw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539e49dab4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
188.114.96.1404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deBpERmTIqJSkU3skm5cskHkwuXM7G5YvMdAJbj1YkxVKSPcbIWnvIHvRDE2lA1Hj7Kv8XdY07ju9vENizjsnovid%2BYCkExzyNu9L%2Ff5GpX%2BTIyPZtl3zJu%2BbWd4yp6mXNMySJw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539e4ff50b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
188.114.96.1404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5d0csR6B2jPZY0lj%2FlrW%2BGzLvfOhGxdLKPIjKMkZCbvmgASKywnLu2DeCW8O1o1rmDswrS7YuVom4R0EsXMFLSXaViGwp2e07hWnTGxhkUUjf2PFBfJVtLAYQ1KuVVFMMVrFE7I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539e4fceb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1
188.114.96.1200 OK 310 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1
IP 188.114.96.1:0
File type ASCII text, with very long lines (1519), with no line terminators
Hash d73a797f7592ab9bce3849ab5737817e
9423b36627b10be53d0806fadfe6c8d8d68f9e71
f7d7f8fbdf96b9b72d137ad3ea7ad6bfbd9b935b04f697d60d9ee4600b9478c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-5ef"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhN%2Bw1V2ROQYchrXaYzksrd%2F40dTT9PtBscXOF5jNwx29380QtqenecmdyAvy1McEHLdT2ziT35f5QEBNlJFrYIDdA%2FcfNBunyddAbo6A%2BulJmek%2B6IWF6TNtOF9O9VYyYkZJso%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539e5e65b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1
188.114.96.1200 OK 18 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1
IP 188.114.96.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8ccc3caeb4d179c7411ced0d453568d2
24f7e038de1ff25d1d5640880a0dcc2a35a6c9ca
0f597bf99dcbb112a2ed509e8883f79ff735b518157dad9cfb59a6d685e8b144
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-1a1f0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1Yb1tOiJ6fQMoWX%2BR5oCW8RTPZe4ImlKgwv2Qun9joHvmBWFTQwZPxyZVUjyNsBQEFQPkx9gt6iVlbIDpNm8wbV%2FyAqISKNUnausUI2wfJjuO7edL2N4ckEgRkMdd3KyuUD9Bk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539d7bc0b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu.css?ver=1.0.1
188.114.96.1200 OK 2.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu.css?ver=1.0.1
IP 188.114.96.1:0
File type ASCII text, with very long lines (11594), with no line terminators
Hash d0c9fed4ee25a9901b0075392fced627
8e15174d523c566ecd24b03bd6f64284b3bb89bc
6707a90e066997a1a63b069a02ac745de76a5d85468aad53e9a773874f7b522e
GET /wp-content/themes/casino-theme/css/menu.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:03 GMT
ETag: W/"5e4d72f3-2d4a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8X74B9Vt1Lee114xd8%2Fs4A15qbsqfKzXWS3N7zQ8zAR9Jq4yWLBTnfxo2WYPMSozcFF0KBthoC3CM0Ewo9I4aorqOCuqc8kG5XxVYnyfeqQl18357UY3Ss6A7jGpslpM7CO0Sxg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539eca06b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/edit.css?ver=1553019136
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/edit.css?ver=1553019136
IP 188.114.96.1:0
File type ASCII text, with very long lines (390), with CRLF line terminators
Hash 36d221b51828ef8bbcf62f1c250ddeba
8276b7312f88f9e7d66bc9f68deb1ac29e7eda5b
ebc9fa2711b97b9ae51a1e8bf173a46a74007041bf642614685ba36dda0717f7
GET /wp-content/themes/casino-theme/css/edit.css?ver=1553019136 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-eb2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFN98WgLVp1NBy%2FkG18KYqK01Eoq11HJCDXn8MQln6LXorDkA8XSS266m%2BmeKuSEm1%2FKeqNaAy945I2mF21b%2Fv4MJEPtoi249NcYLZX1YEmSQECJDb%2FeS0aA5cyXhLs5eixeQoQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539f085a0b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
188.114.96.1200 OK 21 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 188.114.96.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd9634fd6b76b33a1ecc722ec66c6594
60cde4939736097ec7dc5001e889635bcf60f2b7
514351d0c268660be9fa9a34578c4146032b70f5835f6ecd4bf6b12b673cf14d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-2613e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaJ2xJ00O8LqWeabNRmNbBwvMfE2s9MZEYeeMf6rq3bVWUvaGvwnFT70kA5e7evl6RzUktrIDqsM0XVNKGkTB3n5KEh6TwyuTyMOZjaPh1nwGLTGdm4IO3ocTDVxiLOJ3t%2FIpbY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539e0d0a1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107
188.114.96.1200 OK 792 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107
IP 188.114.96.1:0
Hash 28e92d0115685376ea13f80d4624cd77
5c49d2ba210b35e9d558c6cf13a5bccaaa950ed8
482f6d092f111156af642386342ff908983668446198cb59289e92180312dc86
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:27 GMT
ETag: W/"5c12515b-e8a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Z%2BHz9qpzrA8EHYvuCiNQTW9Q2GjbT52dTtAyjSmggAABZwyf4c6Z6hrmsvgMeCsuBlLQW64DwKP8Bkeps1RfPRlyk5OaNyCoaMaVOxj%2B2%2FqqUIqU70zb1NblV9Hxsk7QoQF95E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539f081cb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
188.114.96.1200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 188.114.96.1:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:01 GMT
ETag: W/"5c12517d-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rfgyHC6wCa4%2F9SuOsepQEtPU4mpB%2F5YQ6vJC5DetgfmWmJgKBc%2Blba6%2FN8xSeTqJdpCt2oEs0Fw9UG6S0DB2U4ytwnH1d1zEwgmq4dimhUpy7%2BFEK4nab0wzmegGEC2Qp%2BLFEE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539f4cacb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4
188.114.96.1200 OK 589 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4
IP 188.114.96.1:0
Hash b1e45bf9bcd536be8008b443608c6c6b
0d22ff7469317a36f82f2b6274c9c791daa21b24
e140ee41b7a34f1a34911b6cd5c933673469cbd4f60777f23c1e4d82e810bfa3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: W/"5b07c29e-881"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHKlU7yDiyGcj6e85qjtdoWFPj3mP5RqRnHi0nLd2NH5JBvAlwrzreIX3woWSt%2BIiEBZS8uISL8PmZb0PzY6dKOw6cygDL3%2FI%2FlspV1baFiaq4K2ofqDRTj8KuMAAFSEeRi2c3o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539f6a49b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
188.114.96.1200 OK 34 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 188.114.96.1:0
File type ASCII text, with very long lines (32077)
Hash 3a80fc6d5f853164f2f53a98659c0c21
3327cc9fd1e64d96894c1322e3ef52dea7fe4cf1
c390de9d0d8953f70b165680d6122a3fc871006c67a676030596a4c36e882674
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:01 GMT
ETag: W/"5c12517d-17ba0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbEeIfAb15JSi4ls6j%2FZyBwWZW3Q1C%2FDoMutsQZeOz007PM%2FaSrlC0taEQmtPY4yfezPAdrb0YhXXshd3RlzCsysWhVjHmNIevSOLm7ZzRiohRmjnFkYvMo9Xulmf%2BECWnEpTBU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539f1eb1b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
188.114.96.1200 OK 2.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
IP 188.114.96.1:0
File type ASCII text, with very long lines (6091), with no line terminators
Hash 4f4a997bc181498157d148ba9b649949
87ff26f8385fcf11c28fcc40c2e5619a8138f44d
fe722eb1adc5eb6c3642f87ba188bfb0b899130719fd73381712d6d710d3ed4b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:10 GMT
ETag: W/"5c12514a-17cb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByvfKSK0gIXkdU2gl%2BJ3R6FtcOBIa1Lb98fp%2FnD2m4SsI9fxvB7KSb7b%2BMVs9%2BZgFt5bu1wVDBaaNSB9028AW2szMxhjdj%2BAVyIOas5trQE4WaHTSBsO6sDXCGyJSjQCDo9daDs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a01d09b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/navigation.js?ver=20151215
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/navigation.js?ver=20151215
IP 188.114.96.1:0
Hash 8da166d76095153623e6bb934ef7525e
e5d0c5d545b3552dd5bf200f29e8f2c8e77ab221
56d5b07b11a2624298632471d166c6197da8a64a9d85d412efe32cc25cf8557c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/navigation.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-b97"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKpotWSRFLFvppAYuSxtP6Z6qpWWt1ow2upiauq4asOYI%2FmbywHL%2FTov%2FU9Ox7I0UpS2%2FI%2BfxAQ1rd%2Fre2fVZmLgl4vIAoMeHhRduZgYaPr6ZjXRuCP3BOTCWgOvoUHN7xuaG1E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a02a91b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
188.114.96.1200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
IP 188.114.96.1:0
Hash e0e4b1426b3215295e18e962a7d55f92
05ea8fd2d6c296a08cfa892650b84408ff473e7c
7551622c8e60a0bc7ea9f97ec1d26e7706618d171b4edc99ed8276872e231970
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:30:59 GMT
ETag: W/"5c125103-38f9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnszYIEEkFS%2FZ2Ofm8JuXWeZHRzhRAnqkv%2FG7Dlag40Qq%2FakutsqQC6JS708%2BWDCs3d597rEpAVP%2F2u30GicxpK8upuKEcKqIZNv4N1O3wuq6LG%2FnkW2J1BFTzYUN2Fu8i9avvM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b539fc86db515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 00:33:21 GMT
age: 2509
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bfb5d3c071cebab21e6ab8647e84b6ba
ebc1553e88dbe512449a31b3cb4c10c659484d7d
cf794ab56bfa29d8e47637d68f5c82e4c60b855a8f6b772f344a72c712da3c4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-migrate.min.js?ver=20151215
188.114.96.1200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-migrate.min.js?ver=20151215
IP 188.114.96.1:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
GET /wp-content/themes/casino-theme/js/jquery-migrate.min.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=732gGYF7ULx9YZdD%2B7ezTtBMXwN6PpQYyyqwzsZDTkrkB7VKk6gfcr2dVWzOxs8bX2LXjXgvrnOzWDZt4kdX4UghxSKN0lUrIaZpx%2FfY%2BYjWghaVMwyOGeLhHp3BRsahUOF1C4s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a0c8edb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215
188.114.96.1200 OK 416 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215
IP 188.114.96.1:0
Hash a58187e217f4b2ee9cd10e8954eda607
49f6e0418c24f410db3a8c8681a7d98455d15e9d
69bf8d27242351ec81cf610c4d994e047c2ab1b5868b9e252596eee0a3d6d278
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:19 GMT
ETag: W/"5e4d7303-2ad"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyDciQZDE5d2RJzO3VrXPY40Xx9eLqXU2U6EuDPAu7SFAmel4KrprNERuQetYDmMr04ZZVruOU%2FesESMNOQYt4%2B5VtiyXzWne2wR4XT2%2BubE813xRg7cADyEaxeegpo2glCjSwI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a08f4fb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215
188.114.96.1200 OK 21 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215
IP 188.114.96.1:0
Hash e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript
Content-Length: 21
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: "5e4d7302-15"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FgHDhABvBeswzpRCP5v2ZaU%2B4FjbixgBwnptczmL%2B0FTTL5Pv9iRG0wlrxYvG9tcF6aZE2BZ2yFUgktMbWIqOkvx%2FjJjDPQslOqvt2eu8NOsifWbedzBLx%2Fo9WcRGVUWe0P3y8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a09ab8b4e8-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/caption.js?ver=20151215
188.114.96.1200 OK 334 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/caption.js?ver=20151215
IP 188.114.96.1:0
File type ASCII text, with very long lines (413)
Hash 67dcbc30fcfad1892362b21170522298
3ff742e04689a2cad78f844f1b76d457bdb72ca5
81c52b778cf87c87d1569c8fc4229d226eaab8e86833d315ec48b48be074fba1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/caption.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1eb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCuW1cWwA1bRPe5laR%2BVjMOEUUs3YfDvnVYkkBpaDX%2FfG2uTEbQz0B9sQdLEC783%2F5teuA1CEqbGm1mVMwz9tf2Acm1R1SLM1hIoG0412thSZBf3noANQ7d9C1hQVdaMb6W6k%2B4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a13936b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215
188.114.96.1200 OK 34 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215
IP 188.114.96.1:0
File type ASCII text, with very long lines (32077)
Hash bcf328167425e857c585773a83f0a9f1
5bf83602f9bb9607edba90a4564c8aa81e09c291
994b0b39c149e2a731357570951341f99d2f50cb1c7e1588e8ff30b665d4136e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-17b8b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7isIqf2TAgJ0dGSh3NqU5CS%2FZr%2FYfaDws0uH5FzJFshRoGM8REQncUUr%2FYoAyZPqSzgcYU85YKAeptt62d%2F%2FvQxnd9lCos5eWGQEpbb11F4PaJpeuh8%2F9tZBeOuK6YhiXT7L0c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a09d43b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
188.114.96.1200 OK 14 kB URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
IP 188.114.96.1:0
Hash ac034ba8b105ae96e0c1798357b70b05
c690e7653903a684bc3b1b62c203a4ad85fcc638
9a73209fd2eed86c37d5aaa906aa48fe54bd827f2b30d40113bca0b3d1c678ac
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96drCQKVKzL62V%2Bmb%2Fl8IydPL6FcY1dkWdYqG%2FBhgcw0mcssr3f8wjGHy3T4kZaRVTSdt11Ugx%2B6L7YNLqKU4n1tctH0ZMvM3Q0M1g3YxYBCJCX6huBGdHha7fUq63LXX3N99BQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779b539f887a0b4d-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/core.js?ver=20151215
188.114.96.1200 OK 3.1 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/core.js?ver=20151215
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (7693), with no line terminators
Hash 645f05a74c3c52b4f27a5b44c794fa18
aef324d8d1e2faae36686e6dbb12bcfd080c90de
186313e5cf49316a4816403a527482e2063027ab8711b2f7e77ee5d4c4ab83b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/core.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1e12"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dQVfvCdMALAxd%2B4Ku2M5OEXLO6%2BlbxhizeOq68pAWlCVClJluOBAgiDVn27N6w89cj%2FQl4xH8gF%2BX8H7rT0KMa7kc0viJkx4ud5g5SBzQ1fJmVmvEVYN039IGgseaOm%2BbEIKuA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a16b00b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215
188.114.96.1200 OK 187 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215
IP 188.114.96.1:0
Hash 2b2ecc6023c34d28dcf10a7b57cdf412
b5dcb37a2e705625537c8b2c62cd2ad96114fe5d
c95d89cd5045462341bd479951e46f511bc198a007e1c3c2f701d3da9d754e7e
GET /wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-ff"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOGHXbD4M%2BTbNU4O0roHBIO3VWajvDP%2F0HCev6EMEhNeZ29%2Fbi7pdGMThunNdrb5VlnDGEwUEa7ZAnX8QYKv30Ctx2bbe7oqmtul1ba%2BPhb3kQlSK29wRfzm06w3MEY9XIvt%2BVo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a1fdfdb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215
188.114.96.1200 OK 387 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215
IP 188.114.96.1:0
Hash 5b2eeac89cca9a738e26f2c45ca3b316
d3656cfa2054381a5c75c1edef82c379d48a46bb
400e83ee529ee06858a97b364dd9d9db8a65febfafab9334c602dc37cefdc016
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-397"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxj4LkNUpThEcPx8kZtwEqFIT3lioIBk8MhNYRWnhp%2BJJ4EuGwqtwf4Yxi%2BbWkKJk9HwrPoeSBMwSqN4GHV6tfu%2FdY%2FaB7J1UXd4XSDdL6dkmJ3mLQMzB8IOBUTH2ZM9zcYfpOA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a1b96ab515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/chart.js?ver=20151215
188.114.96.1200 OK 4.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/chart.js?ver=20151215
IP 188.114.96.1:0
File type ASCII text, with very long lines (536)
Hash 76ee9e365261a3cf2b0fd565d601b8ef
822164a3fb51ffb55a5c3356f1a79a29df58a600
264d38df92f6e62b140f92c260ac96af2e210429c40d7b19971313cfccd77af2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/chart.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-4d31"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2F69mlGUOAVvcHiavSh9YM%2BStlniKZyiSxlkHfOH%2FENh2jqioih8AbOW0cdATTI%2BV%2Fg6jWNFCVU7XWpLZIqBFZYeF01vrP%2FXWEZbzqoXnXtk8cpxy9H48PVZ1%2FtDHfS7Vmk9IGE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a1ef5bb4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-core.js?ver=20151215
188.114.96.1200 OK 27 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-core.js?ver=20151215
IP 188.114.96.1:0
File type ASCII text, with very long lines (785)
Hash 4c23651950610db3ab0eebcf75eafe08
78bc489136a6d10bfbf2e2a17ede591d5049ab95
51e3113569751f8acb6086c37fe8af13e9779e0538912531daed843f895e5dc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/mootools-core.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-147b5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hi22F%2BD3Qs1CZHM2qnbNjNUm4tAxxWO3L4V7XzpNoWfqGaJS3YJQmXu3BlHQVK%2Fa6G%2B9oYbSUa6LC7Khqx1OpGHRyAiWlCdjBfd3km%2BbpBF%2B4nwz4M%2BPHP1fNvwHKbgPoDRu%2FKM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a13f99b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215
188.114.96.1200 OK 1.7 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215
IP 188.114.96.1:0
File type HTML document text\012- HTML document, ASCII text
Hash 5da0e9224ce987bb2cd10033c191e565
1c60cc73f9cde5503fd2823b47f55bccdd4a2a59
f4742f7e683472498056b4b5aef824a8992b398b82ef5dd8f6fd07e7e423319f
GET /wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1244"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjmmCTSq4jX6e%2B%2BJlm7NOZAElQCrfh4ZsrtvvteLo4MxyeF%2Ba6VCkY0sYCdU2eQDLJZvBgYQoIX2S3B%2BkZbel6UlH4y1SsWOyGEx27QAdyx5MPVO5UDm184wwZ7Z0NWMqMK17%2FE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a26e28b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/browser-engines.js?ver=20151215
188.114.96.1200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/browser-engines.js?ver=20151215
IP 188.114.96.1:0
Hash cfc860ea4db28072a31107b1209fe911
97f3a367aaf72d84a83600996efefeb0d3cb849a
6be53b71dbaa24897dc595a018bf5287257cdcd4a559c44b8a8af6d7d9842369
GET /wp-content/themes/casino-theme/js/browser-engines.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-e10"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoFUJwG%2FYsYVwJANe%2BAlozPOI%2Byw1bJmodSOcMuUw99GKuga8cI5%2FrsrpfJ%2BIs7eS1zNy9Dnzia9bcrkOrj1v44GI8INm8kL5ossuW0U5Ld%2ByUl6s1NoxXwFubG1APse2QFlCiM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a21b76b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215
188.114.96.1200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215
IP 188.114.96.1:0
File type HTML document, ASCII text
Hash 6c68a1ba6ceff473fc314ec07549d028
f242990a422188eddb1b50788f9dfc440001d4d8
fbb5edd301249c053007eadc8e1baf934937b273438beb9fe123984e4688499a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-bc7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1%2FL9K1zsegX2zNqptA%2BYcuecb9XRdDCpADw69nRJzhPxyN6sgL6a23jwgb53m3wIIXQ3LCjYyUVw6yVl44DETIWjYkIVhcq8UL0JvYz1ZwT35FgzrzorA5TiieBmPBziYKsQiA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a279c1b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215
188.114.96.1200 OK 68 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (2903)
Hash ae2d2eb322f5b11a8cf9b87e102212c5
7a27aee33f8cde60c36ab776156e4816aa141ef9
dc69b934843a0073d6b6c1125536775cd92a41d21ce2160a1ed2d7cfe1de490d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-39d19"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRIxIVObMbogHc%2F1lgwtNwfsvgQunbKItWkLPC3IwXumkxYmLUxqmlQ25Ge%2By%2BB7uX9K%2F4eIryVfJltuX20KrDCW3U6xbdXNrY7tvvokki%2BD1u0v30bWRtb%2Btkw1AmDfLLUspj0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a1b95e0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215
IP 188.114.96.1:0
File type ASCII text, with very long lines (324)
Hash 7adda2b653b829227d343abe1311494c
ff506aca52274fca851f381bd2a2386fd40da4de
2c43bcafef1aee5b49d272f9fe89b0c2c423748e3c3e2f9469d6c7ce64ad9187
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-c12"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3BU%2BO%2Fune%2B%2FCk1qrrW59kn%2B22mhgl8TeBpzIOW2dG9ckbILdqEapWLgBdVtXt8MMCsuHWg2DQ8J0WIIsF3ShVn50OTkgMtYtjLZJudlafm1vS19gvYaMUkfeJbmCtMU8XOdo2o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a2af9bb4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
188.114.96.1200 OK 651 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
IP 188.114.96.1:0
File type ASCII text, with very long lines (909)
Hash 96f627e7798c9def04ee4b1e7714ab6e
4448490e333c96bec60f73524e3cb31632975283
b4beccacfc6e0c0dd3d311c6384ab0bfbd19431e8e83241b82bddc7d31ce7fa4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:03 GMT
ETag: W/"5c12517f-473"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUnkGxkwqS4ywUTzNew9KFynvFgxMSAZAF0uTpcSiYP2%2BPY8%2F5NKsf5208GFhr9l0jGCHQtPwr6wD8EmpZ1v8rdvhZ3%2BQFu49O1b%2BvzuygbVZO2Rm%2F9oX8CDaa8MrDJ56C%2BnmX4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a2ebc7b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
188.114.96.1200 OK 5.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
IP 188.114.96.1:0
File type ASCII text, with very long lines (12815)
Hash 856be0bcf6f83bda23869b9d928070f9
78ec42aedab08604ab3f9d8a5f604756f160cca2
8b9fa2f42ec45e87a0c573c35583a1f17e99c7558651576a09fe82b0d38eae05
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:03 GMT
ETag: W/"5c12517f-346c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxS%2FVmyunNn3YJ3rPyGBgxJpwx78naicHPfKyykrCrZyrxYEL7aWBOVkujTQikuADNB7MqhNTw5J2Uz5tglDHoDCHP3l%2FdlNihTm396mOwvbDm0XegkCPFhBRipijVJmMdi%2FBPQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a2de66b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215
188.114.96.1200 OK 6.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215
IP 188.114.96.1:0
Hash f3a8d2cf6a5f3c5c972830ad06462b06
04b63feeaf2840606fc82d86f48596b8733d8bba
8ff52ba129497b1cc4827635f0c2576b8af2610d08fb296faf2524cd1492d415
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-8521"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7mH6CVJplbn1lulN6JPTql4vULD11M8uJswKZHmgs7GCMdm9%2ByPrllXCQIVZxhBEXsMU7d9eRYvSBZEMcFSABMTxV%2BM0BQ1aiWrA9urt7rKDSluvIRjgWwVodM%2F3T9dZmFDMbw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a2a870b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
188.114.96.1404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R61%2B%2F3NzYQmSQF6tSbgwXbRmxeI8us0F55TvPv37tkHgpW7kfnl7dGqPEXrMTswP7hdx57R%2FxLEzkKLrWa2IdB7iI6RDhlzBihF%2FVpr8B67ts7D1QxlqvRDy%2FKM0WwUKO50mdtM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a3ac16b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
188.114.96.1404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpDJSObM1I3dLek2D7QYp7knepcO%2BgwDsaW4ZXpKSJu0vTueWF1EHrKbrDlHApBr%2BuiDxMdfOoGblxA5YntNYG1j1kJNdLJUkzJsutCdNXKNKkeLRJdFaImp6saKobb2wJFEdCw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a3bebab50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
188.114.96.1200 OK 4.4 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
IP 188.114.96.1:0
File type ASCII text, with very long lines (9118)
Hash 753d9a1cd7cc47e65c8b7c21543b1616
c4d57275c339b3b8df1d24124bd10d0926b5575f
8a04b00f98848434b8139a8cede0c5bb33334ea3be64ddd3bfae16977b396a6d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:18 GMT
ETag: W/"5c12518e-2efa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZhebtQSsMUNbTlVRjXc8bcmzO3iKeXzI%2B1gfKJoeeW8mQ2qKVzTVAkCuEUibVvPYW4PdrnubWTa4foQhu1cp1jkf356SYbpW4fk2tFmvkz5SKozsQ3bAHduRWTWs53XzWRNISU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a36fe4b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.237.93.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.93.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ESXUOWJNNI8upkdfmKzP2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dGn9OQcfbgjbuqqoAzvW9Kx4/qI=
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107
188.114.96.1200 OK 548 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107
IP 188.114.96.1:0
File type ASCII text, with very long lines (1087)
Hash 72091825ef7903704f9a7eaa0cc1f657
c89609424b128d042711f6a056d6b3b657dccc52
08c73ef9e50d21576593c091ee035966ba02ca5232d71fed2bb5d644cf3a4275
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:34 GMT
ETag: W/"5c125162-465"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPiXWX4YAR25NZ7zaW1r5hwjiZVR0Hn7ko0j2PZEFgYsasiFlNx81OahdwdgvVKNTp%2F7FF%2BBC%2FMnMCIhP4IB8qz5cbu1Ib2atDqS4AFi9UPkYVnbA%2FOcwP1LqAYWyZLcYF1GnTE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a33a20b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/wp-embed.min.js?ver=4.9.8
188.114.96.1200 OK 756 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/wp-embed.min.js?ver=4.9.8
IP 188.114.96.1:0
File type ASCII text, with very long lines (1398), with no line terminators
Hash 77ce65aa27658b26944312e742e1d204
952f595220a39db2f6c8e65c648fa6b1ecf92024
277851a5b1d095133da0244edd6952c2f6fe5ec1b25633812001abb796681616
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:17 GMT
ETag: W/"5c12518d-576"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsBYRrkILIhOgypRiNLnW9CZGrmEO8HTGhaK9kp03MyYqwhMPyxllziazUVb5UQT8nfkiep0sTpzB%2FUOtvMgOfrdoKWSU%2FAEvbtCxp2qWTF0UKARBfIS72biyZDWGfUCP0xI5%2BU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a359f40b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/25.jpg
188.114.96.1200 OK 3.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/25.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 3356cd27b8faa9b87d4443304ecc7e1a
b9aab1acbe6f1553758edcc4b94399d09f4b1429
bbe37fddf983728b6ede33826db2a6023f2610781da5d0dede3ca0f4aa88a104
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/25.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/jpeg
Content-Length: 3176
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-c68"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pP4Y%2FTd%2FvPhOns4t%2Bww3PU3qjpfyC5A0a9uaQxESnthu%2FtdAIjV0L7bksTVNyxNufmzafZy23SmkyoF7ZQIxejGn30javYc7ZHC4Qli2LR2Kd3vGJTl7uhPz0jqgvnN1FW76FE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a3d906b512-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/23.jpg
188.114.96.1200 OK 1.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/23.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 686e2aa1b2281f6a3b651b92e6bba23c
e18752299957bd764a939553067c0b344c9fa271
5b115d9dc91cbf76795a7f47fecaa9c6835491ba9d343b85e6c27b60c383e425
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/23.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/jpeg
Content-Length: 1511
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-5e7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lco8sYhJPYzGSUosssCn6hExZZClgqAuwfP99797Y%2BbsCn3kM0FHncPXyyifynlkBQGS5qDll74b3PmtOz4kne%2FtzkOvBc%2BXfEfs8%2Bl5ne%2Fz3knP6Et8sktMAOKNah9%2F9gCmRik%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a3dec2b50c-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/5.jpg
188.114.96.1200 OK 7.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/5.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 6ffe430d51d22e42c1c60bb54257890a
65176df4d28ff4662f75b209d2a5e2b2a7bf709a
50a64f26cfaf466f92fad11b097701d16aa3e1aff6e3b6488e2ee268129719e4
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/5.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/jpeg
Content-Length: 7346
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-1cb2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAVcOllIDpVSnhkuqaX4mMSpm%2FcDgZVKJSJM3LLpOb%2FVQSqnDHlnYQwWDk2uobq98VC1%2FhhSC37Qo3lcFSyCJM7xre2bDTFuIlVlrwO4JEFWbL26E3Va25pWQ3vozXCrxIkbkxM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a3d817b4f1-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
216.58.207.227200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 21:17:08 GMT
expires: Tue, 12 Dec 2023 21:17:08 GMT
cache-control: public, max-age=31536000
age: 187083
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/13.jpg
188.114.96.1200 OK 3.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/13.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash febd51c7779041243414fc9fff39034b
b5383e5aa3d8f71b89487c297ec253d5af55db96
1ca09ba179d7b3ae0c784a9d4a8def137b8f717d011b2532f7a9f6020c972018
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/13.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/jpeg
Content-Length: 3532
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-dcc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYEFIEiNxsoNdRGcU2BnVikF47dhKiTAsoA%2FtL5Te3WF4svw2Ve8IHDWA%2FAG8y4xGkBcRoVK99dPeYXfNpCW8d2rdBddQzVAgTrMRj4LU8v5zOH6m9WY1RrGf4ho674W4DjiXuc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a3fa57b515-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28444, version 1.0\012- data
Hash e996a4db02cc36705ce700e4b5d06b3a
c5fa1dff68d7d83689f58bc498caea9041cf7b75
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
GET /s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 15:42:57 GMT
expires: Wed, 13 Dec 2023 15:42:57 GMT
cache-control: public, max-age=31536000
age: 120734
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29928, version 1.0\012- data
Hash 609bea65e2bf8ee9b728a85a8f1b282c
a0d2fbcf012e6554fb8cb182994ec8eb744ab65d
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:36:14 GMT
expires: Thu, 14 Dec 2023 19:36:14 GMT
cache-control: public, max-age=31536000
age: 20337
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Dec 2022 22:37:36 GMT
expires: Sun, 10 Dec 2023 22:37:36 GMT
cache-control: public, max-age=31536000
age: 355055
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.227200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 15:42:38 GMT
expires: Wed, 13 Dec 2023 15:42:38 GMT
cache-control: public, max-age=31536000
age: 120753
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/17.jpg
188.114.96.1200 OK 17 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/17.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash a20dff5090471c85d6257543fc617901
132061a805fea75cb18783d0b0df68770d0550c0
e857b935368f2912f670bee1b76aa9232a97a1f0b76af6427960ba49213ff746
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/17.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/jpeg
Content-Length: 17223
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-4347"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZyouFMI%2FxhU26uMIzfMRcHwGPo%2BVmq7%2BQNAdzn0vMxSpCmjHiOOTdS94IJNQSIPLtrLUKGUr7GajE2c0GVh5j9L8Slwm5K5PepFo%2FCOTcmwvZAzKiXgyOiWtqX%2Fu1PXbIRshZo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a3dc2cb4e8-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e709a04ea80113c435ca4f9d37e93e7
053f34d74eded192d698bb20956897ec3e3ad23b
2535554bd9d9004c7888cde496278d847002218fb1d35a3d4bacdd98c8a92ff9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/30.jpg
188.114.96.1200 OK 6.9 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/30.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 5f32c3774a3fc5f2e4340ce8c92875fb
05dbae405fee015f6d0ff3a8f812a459235342e3
3bb6bca791ed826cc58b92ca985478bf7dfacae54c5cecdbdcd2c8a682db5e22
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/30.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/jpeg
Content-Length: 6926
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-1b0e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBvTQtZSsoDsPCc8dFkV5Xrwnkt9hZQw2Dr8A%2FRFvQfv%2FM6e%2FUTqeY2zSII%2FbyEq6B8nO7nzQ1UX8tPl3i4inHJbbS1ghR%2BNk2OJ4Rx1dKMtM4Lx7IzFpyZa6j%2FuVm8uOlk5pTM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a4996bb512-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/uploads/nomera/temnyj.png
188.114.96.1200 OK 11 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/uploads/nomera/temnyj.png
IP 188.114.96.1:0
File type PNG image data, 300 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash d1f737435cc723c3553584f055a12cdd
7755990090cace7bc9b060b8978f2d582294f531
4a36c501294130673ec66f93c7b153a225960ad42d91aeab997f023aa92d1037
GET /wp-content/uploads/nomera/temnyj.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/png
Content-Length: 10965
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 19:48:14 GMT
ETag: "631f8cfe-2ad5"
X-Cache-Skip: 000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4z6C8onoET7V4LfclOSIOZV1alo6aAfqiIpDa6MODRu5r6ta82tzkiurqFGDV3TYVd%2BUv%2Fbikbni3cudHbGvHWNdQfrE48tTc4bKR1Eag9iV73AkWPrsrwbRUjFDIwRRkDuqqQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a4986db4f1-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/uploads/nomera/belyj.png
188.114.96.1200 OK 12 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/uploads/nomera/belyj.png
IP 188.114.96.1:0
File type PNG image data, 300 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash c7ab9f734a62dcdd05915b9c6efcb651
bd03a65c70bc1ed2912a4b32c6d7b632601ed508
c5a4422379aeaae1188613e1fe0c9743f944e099847f7a47a0f2bf893ec66585
GET /wp-content/uploads/nomera/belyj.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/png
Content-Length: 11685
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 19:48:14 GMT
ETag: "631f8cfe-2da5"
X-Cache-Skip: 000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uGzIJJw9gVIwnInF1E2kyjPo%2Fl3JDm0GlCJFqnj4vUnYzT5psC0jJdImYEgW66CScijmLvUixrYeQ7ZamXv4Oht2utCqisrkC9CbSNTHYobUJrWuJ2Re6vFFchIHsuCu2tC1ZU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a4ba9ab515-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/16.jpg
188.114.96.1200 OK 7.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/16.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 3dc8f67ced3f515a8d423d6043eec37c
9bf8fdc7f77c36a02bbc4c3ba1fd17774f5f0878
8b54337c683926c172274174fed61f05906b34bd0dadd392f182c90f45463fc5
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/16.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/jpeg
Content-Length: 7041
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-1b81"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmooJOQ8wAdw0aF%2BCpqXMfzVCrAmBRcTKyYP4xSlRP%2F95S3ORyqDhekJQ3r6NTEXDB%2BNQatV5HJxLhfNEcuAX0ezfQ%2FvC8QANE3WyAa3IiR17lS7P8B1HNwiMJCDbkOwGz4xnGU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a49f02b50c-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png
188.114.96.1200 OK 20 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png
IP 188.114.96.1:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 93551a3aa448b291fb298c65875cb86e
b215ea724beb57ed1d73290d86189a384878a629
becc186aefcbbc15ac415d868dedfb684539a2e97deb52fcf6aa932833d52185
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/png
Content-Length: 20026
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:37 GMT
ETag: "5c125165-4e3a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FBlQ7qTEx%2FH79D45ipjt0m3zGMVY%2BdH%2BWZ%2BNy7UcBHdrUFZK%2FRHigl0n45d70xGUyolwyirICnl1sNtGsMixTrTPv8ZuMilXXN7Co1v98TFIRA0KiCRw64iticdw8O9mvmfynw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a4ecc3b4e8-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png
188.114.96.1200 OK 18 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png
IP 188.114.96.1:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 8413bf6f1dd2223f3be09256f755c682
2f99d0744f451d7d631fff57510c99ef5a0cfd15
bf75418f7c7e4e45ba7c9ef9e2f0ae766660e4290022bbd91ca89116a8111bc7
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/png
Content-Length: 18310
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:36 GMT
ETag: "5c125164-4786"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1TmaoJgAhqHhQbTJYx3P%2FtRjoMtBFrvYehahVdYWrLuQ2efUd4oQ6EBgqJA4R53KD1wetYH56Nvjxr87wpH3lQqYqb458NfEVVY0jO2aUeLj2lmvbCsRRay%2BfXguHWpqG5eeAk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a51897b4f1-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/0.jpg
188.114.96.1200 OK 7.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/0.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash a61eddba601a02554fd9ac271a23aa0b
d508c1863f4c3be8c28555d80b72f79948d5fa8a
3522f67c8ce88c36ccbb936290ec4933da87a1c26ea1ba7a8eef142a8a3526cf
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/0.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/jpeg
Content-Length: 7537
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-1d71"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvxb8AITMkUQ8mZ3I2lVjOMW0LYHKPzf9%2FqWDxeA0%2BQLL%2FHuoGpZNn64ZF0cKr3m0c2YHDloN1rRO6JP9xHHNF5J%2B1MtqGnG6d9c16Duqvgl2LvqP2JAjoGGhpgH1qBy0rwg1l8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a52ac5b515-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/e96685ea/www-player.css
216.58.211.14200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/e96685ea/www-player.css
IP 216.58.211.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 12c224a05a50ec216eb026a7ddd40dfa
5e7c6908c414efae1db8803dc3e0e768f4583b67
e9a2f274c08edbcc81e33d35dc28013c9c17672b6af0249b3dd3d21048963777
GET /s/player/e96685ea/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/R1jM2BxVro8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49901
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:41:17 GMT
expires: Tue, 12 Dec 2023 18:41:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 12 Dec 2022 01:16:42 GMT
content-type: text/css
age: 196434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:03 GMT
expires: Fri, 08 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 530828
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:40:43 GMT
expires: Fri, 08 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 549268
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e96685ea/www-embed-player.vflset/www-embed-player.js
216.58.211.14200 OK 100 kB URL HTTP/2 www.youtube.com/s/player/e96685ea/www-embed-player.vflset/www-embed-player.js
IP 216.58.211.14:0
File type ASCII text, with very long lines (679)
Hash 4edcae73f06c4a26c3888f2fc8dbe075
d3d94225d2de3a3930d32fd821e5968c52d35146
6cbeccf97e972b15fdd87eeb1c463ebd7be7988782ee3d3017cf456e43044d21
GET /s/player/e96685ea/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/R1jM2BxVro8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99486
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:41:17 GMT
expires: Tue, 12 Dec 2023 18:41:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 12 Dec 2022 01:16:42 GMT
content-type: text/javascript
age: 196434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f340e8485c80338c159be2ac5f8050c5
704f9da662775b15315248a59353c9af39a1ef0e
2197d905b6847b6ae4eb8b90be3edb8ed0e6c809208590d3a59559e8fce99f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png
188.114.96.1200 OK 15 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png
IP 188.114.96.1:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 464b73a2f6a9663f96380be90087ee51
8e2c879dd21aaf4a9237168483ecd4f229fcdeec
1ed3a52831e8816fe8a7af982270c84b8f2fcd24b2b05991a2ef8997e4409baf
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/png
Content-Length: 15070
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:36 GMT
ETag: "5c125164-3ade"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYulaWZbmwK8%2Fq17zRTbGuPTq1COyG%2BDDkcFeICVj%2B2BgKa%2BYRIM%2BiVgecHkns%2F%2FLApKErshlqOhp1zXiCbGCliIlmmTsN861Enr4MJhTogMO1A6kSFKrGa1V5uw3UfCqkeDMvg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a5099bb512-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png
188.114.96.1200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png
IP 188.114.96.1:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 006849bd75bbbb96d5b1f5997bbeb52a
21ce90bf8bc0105fe13d635d5f9b8404d8759e82
56c87ee1e1a6878217897741f85a8048012b693a4cb6b03804a322d8fed02a88
GET /wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: image/png
Content-Length: 1286
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:34:48 GMT
ETag: "5c1251e8-506"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0R3njDnYPFB%2BhjHVVinQKy7ujgRRZYBEOtYYHZg%2BgtUa2U5pXghgoCKxJ7MyVeu9cmxXRaXLaGwHD6cWFO5GtttXSzWr3bAsfpEaYmIzg69J%2FEeclmoDtpbD%2FidaXuDByTuYGU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a6ed83b4e8-OSL
alt-svc: h2=":443"; ma=60
www.youtube.com/embed/R1jM2BxVro8
216.58.211.14200 OK 28 kB URL HTTP/2 www.youtube.com/embed/R1jM2BxVro8
IP 216.58.211.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (53487)
Hash e9dfa678cb31a1098c7513acb1ebeb48
320fca830e6260971f5af3990135b938c0e12a6c
99a02346f8ed49fad972e7e5c639fc16a17f08818fc46d1178eaecb881425290
GET /embed/R1jM2BxVro8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 15 Dec 2022 01:15:11 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=5Gik6V_0dc0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=uF1Y8j99Uck; Domain=.youtube.com; Expires=Tue, 13-Jun-2023 01:15:11 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+131; expires=Sat, 14-Dec-2024 01:15:11 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e96685ea/player_ias.vflset/en_US/base.js
216.58.211.14200 OK 599 kB URL HTTP/2 www.youtube.com/s/player/e96685ea/player_ias.vflset/en_US/base.js
IP 216.58.211.14:0
File type ASCII text, with very long lines (517)
Size 599 kB (598637 bytes)
Hash 8ef2a12c66c48b30c081ac4dc954d495
950c430bc86a48b61470a5985042b3c4b10aeac2
c63ba6a693206bfcf9e5d5a5b2b05ef080c0296a8ea16b5add57979ad8828cb7
GET /s/player/e96685ea/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/R1jM2BxVro8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 598637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:41:17 GMT
expires: Tue, 12 Dec 2023 18:41:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 12 Dec 2022 01:16:42 GMT
content-type: text/javascript
age: 196434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
188.114.96.1200 OK 14 kB URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
IP 188.114.96.1:0
Hash 9952a7ec7239fec63da11ca14d8db350
54c9999d0e96e6d8a998fa93395f9858cf48340c
e37ece8cf394ab9bccb98582ea436346b0f6d5257e3874aae410b2e392b55aa1
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:12 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F53TjWLxryhc4fKgyA4HBDyd%2FZtygoGR9cBENSB%2B4Tb3keP9Kz%2BIyxB1nwauJKLcVL7qB%2FAFc7cjvD%2F0XpEfh0Z%2BI5e12ETIKHl8a6zTw5gif%2FhyDyzIkYGYfL3tBWbk%2FMTFa%2BA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779b53a68feeb50c-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
188.114.96.1200 OK 43 kB URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
IP 188.114.96.1:0
Hash f4fd37c32a3fbd7a035bb2ab53e8e539
64943d0e0b7ccd177aaaed8818ef9050a3652718
f20777e577767ca65f3a10aa1ce8c895a1d7a1c450e0ed9c9b4c28be9732aba0
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiB126hm%2B68HV2SITZQF3EpAVzm1GF7Oxj%2BXYs%2F7%2B0Aa4cjGu6Lo6N%2F1QMQp7%2FAd6iRqBbXe%2Fr2WU2l6WAbOSUh4692y7pk5qdo7t61LL5MKclM5rHmJEPLobK9GPKM7T7aqKEQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779b53a41a2e0b51-OSL
alt-svc: h2=":443"; ma=60
counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992;0.3744294153631269
88.212.201.204302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992;0.3744294153631269
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992;0.3744294153631269 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
HTTP/1.1 302 Moved Temporarily
Date: Thu, 15 Dec 2022 01:15:12 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992;0.3744294153631269
Content-Length: 32
Expires: Tue, 14 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
kozbanov-lawyer.ru/favicon.ico
188.114.96.1200 OK 1.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/favicon.ico
IP 188.114.96.1:0
File type MS Windows icon resource - 3 icons, 16x16, 16 colors, 16x16, 24 bits/pixel\012- data
Hash f2f1d96f7391d0ea847d0d356514bd4f
26a24c46bfaa5134934265af029bc47d23880379
92a9c2ca41b28538e0e0f90ba277d2f0a24d5406b275a59abbf1f430b7925b1c
GET /favicon.ico HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:12 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 19:53:44 GMT
ETag: W/"5c8d5448-92e"
Expires: Fri, 16 Dec 2022 01:15:12 GMT
Cache-Control: max-age=86400
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ipWiI0kRfl%2FWHASRPMLJh%2FbSHTYfBj%2BTFNmkW6vQm6MDhCKVO8vulhEXWdhbHRlEarn6UU5ysuv8mi4JyERvytRHXxTULrlo8v4sxYTkWk1g6S7HyUr1WzaLXifm%2BzJ3c7P%2FGA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53ab8fb0b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7931
Expires: Thu, 15 Dec 2022 03:27:23 GMT
Date: Thu, 15 Dec 2022 01:15:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7931
Expires: Thu, 15 Dec 2022 03:27:23 GMT
Date: Thu, 15 Dec 2022 01:15:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cad03ada56517cc3a15fa39366e51cf4
399aa58fa73d372d77f5b191a7cf0819c94b8dac
5918087c3008a351e090fe16d18ffba1de8b76d256daebbf6d4d4348a77e6e11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0433fbd1fce23a4ef7cc57d125978157
ea3a6ab371fde7b300a6c8f7717ce928dd270a4a
78512d3a66d775eebb884c20bb79fda3f374295ef224d13c63bc29eea64bd996
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7931
Expires: Thu, 15 Dec 2022 03:27:23 GMT
Date: Thu, 15 Dec 2022 01:15:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed92d0a5-f6ed-4382-aa56-39c7021a6b76.png
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed92d0a5-f6ed-4382-aa56-39c7021a6b76.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e1fb0ddf6ac86d38423a55841c78c6c
d31310f2441c9f7584f3c1605dd3fb38d5af41a6
8e91e724a42f8b0cf953570937c33465903c979297e439438d86c45b3d242d4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed92d0a5-f6ed-4382-aa56-39c7021a6b76.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7163
x-amzn-requestid: f3472b61-a3e4-4af9-bb1f-eecd4c7315e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dFxs3GuWIAMFSWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63989652-2892086d207c30e3583847ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 15:12:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_9xOQmBEPWm8hje_FeJWC-nFCvbNOuLGR13GiPcZrjbK9Gl8dYiNA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:42:32 GMT
age: 12760
etag: "d31310f2441c9f7584f3c1605dd3fb38d5af41a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 01:06:04 GMT
expires: Thu, 15 Dec 2022 01:21:04 GMT
cache-control: public, max-age=900
age: 548
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14bcc069-6742-46d6-ba71-3624eec8f34e.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14bcc069-6742-46d6-ba71-3624eec8f34e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c8a26b13c34491d35e416a0a315e9a8
c13edfc689666ab3586b49796a7fcd46bafee29d
bed8dff9ad852fe694ccf3e54b0bb5687bb154981d48bfa8c05fdcd30010185a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14bcc069-6742-46d6-ba71-3624eec8f34e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5760
x-amzn-requestid: 5e94f6cf-8ab1-4a7a-9714-a3147af61e1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3ftDFHtIAMFwxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392dfec-0ae05a42119198d6052c0f4b;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:12:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5L0NOMl3xdN98bEYyq_3KMSpfqOoXrBOJcHCZW4JpbzdIszkCbKj-w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 19:59:46 GMT
age: 18926
etag: "c13edfc689666ab3586b49796a7fcd46bafee29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d38060edf5f77bdaa18a4dd3b092c12
50b89e4fbdb88026899ce49cb45b0d6286f303a7
8ff9d03bca03022c717004f96a178d4982d16b575cb70a1a237ca76f90f4f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5789
x-amzn-requestid: bb0455df-4252-4b04-a24c-eb101e3e40db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKWBdFAUIAMFaig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a6a09-1e3f6b0d0a59da3807acffee;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 00:27:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QQrpPJpyUuwf5USygp_vUiZ-S2Jt7VUN8yClS2Pt_IUgVwMn-xeDhQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 00:38:36 GMT
age: 2196
etag: "50b89e4fbdb88026899ce49cb45b0d6286f303a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42b56293-d558-42d1-901f-867d37373fc6.png
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42b56293-d558-42d1-901f-867d37373fc6.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7640549ee9aa35337ab50d76c1feb9d5
2668abdaf4bfba3f21f656582ad8953befefd237
28491baf033b5d2c4c128fa477591005490936faef2b057a6ad50eb152919aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42b56293-d558-42d1-901f-867d37373fc6.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8895
x-amzn-requestid: 7352e732-b98a-4baa-b0c2-a65c70ce6189
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8zAGvAIAMF9-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41ac-087b60d0270029100cf2ddc7;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aufLfAfh-yM9MwUCs3uPyIr471M_lHDlY_JVzqkuYibjzGhHxqyoiA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 21:50:29 GMT
age: 12283
etag: "2668abdaf4bfba3f21f656582ad8953befefd237"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0
188.114.96.1404 Not Found 42 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (20374), with CRLF, LF line terminators
Hash 8c7ad92917279149a381b94a3fe97cc3
cc20e5e5e8eb19c8df35abdc4aec38f7bf4e0ba2
5d25dcc0bfc87e4e4920af739a1485d944a9398994dfa32196a06d4dbfae0868
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 01:15:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
Link: <http://kozbanov-lawyer.ru/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Frahg56DrTxUAWfB%2BXj8aGojrRNmeqsvVhZFuMe3XIw5W4jDeW8BGnoX84RuLbKQLl5%2BVgcD810nvNp2hAR1%2BFDTGY694NcMg%2FhP6vknkyh%2BdJkynr74IVPjux%2BoEyqnoLaYvKo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53a9fbbab512-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe03f69d5-77c0-42d9-9b2a-210a52667086.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe03f69d5-77c0-42d9-9b2a-210a52667086.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c7a1481c2acfca36dfc40d5525f4f5d
39ebe36d481dc83f16d42feff7e6a594eb1eb090
6fa67fb9185e55892298acd0a7aa2b81fb2aa5857aa9eddca3931189ea538457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe03f69d5-77c0-42d9-9b2a-210a52667086.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4457
x-amzn-requestid: 82585058-e84a-4d7c-827e-25e5ad105cc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-EYmEpPoAMFc_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63958103-5fdbaa223aa63f092c53655e;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:04:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rbITexnNnFvp2ulsDLMsUbt30uEdCD3CcGiel7ABXRKVht8MqZ7ZDw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 22:15:13 GMT
age: 10799
etag: "39ebe36d481dc83f16d42feff7e6a594eb1eb090"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 15 Dec 2022 01:15:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F127c491c-f334-4f88-ab1c-07169225ca7c.gif
34.120.237.76200 OK 31 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F127c491c-f334-4f88-ab1c-07169225ca7c.gif
IP 34.120.237.76:0
File type GIF image data, version 87a, 296 x 148\012- data
Hash 1a355e31327e2a5f648c36fdc4d2348a
ab6149b7874d751c3b897889902ecf52cbede8e4
cf3fbf211bc15f39efe535bf66a281d124c6254b0b9e641b6ea3c8023ab869dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F127c491c-f334-4f88-ab1c-07169225ca7c.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 30895
x-amzn-requestid: 2d48ad82-6b48-4b9b-9dd0-98afd8b7f9ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0NExFi7oAMFuKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918eeb-6ceedd921e75513b6dfdb084;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:14:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Hl0Mdyy9oH1n1LveM7TzD0kSA7NT80XbRiPEAQMbjxmMqRmpwcrG5w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 13:47:39 GMT
age: 41253
etag: "ab6149b7874d751c3b897889902ecf52cbede8e4"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 15 Dec 2022 01:15:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cad03ada56517cc3a15fa39366e51cf4
399aa58fa73d372d77f5b191a7cf0819c94b8dac
5918087c3008a351e090fe16d18ffba1de8b76d256daebbf6d4d4348a77e6e11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 15 Dec 2022 01:15:12 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0433fbd1fce23a4ef7cc57d125978157
ea3a6ab371fde7b300a6c8f7717ce928dd270a4a
78512d3a66d775eebb884c20bb79fda3f374295ef224d13c63bc29eea64bd996
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0a3c4b8b5d46a46ac436a781140c5a34
6462401ee941396fcab45ab626e0ea362fc00795
8d77d58ce0025a90223deaaa00a339d8e1efcc9b13ea16ddac95aa7ed4fb3d4c
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 15 Dec 2022 01:15:12 GMT
server: ESF
cache-control: private
content-length: 30796
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 712b5b8bb7abb536b4495a786941366d
f8275a30c079ea0b0f5199badf7378d84adca43f
5fd3be2e97cce1008b32317c0e3fee11c8f0555bdceaa960ba519f69176bcde6
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 15 Dec 2022 01:15:12 GMT
server: ESF
cache-control: private
content-length: 30866
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.227200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9832, version 1.0\012- data
Hash efe937997e08e15b056a3643e2734636
d02decbf472a0928b054cc8e4b13684539a913db
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:12 GMT
expires: Sat, 09 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
age: 474120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 97eee88a374e34b0c23f90831ea157ee
a4757bbce52e1e30b2818dcd108e5a9300121b4d
cbd00e4ab4ad6e51b6d523ad79181fdc8924527a6d447ddf6a032b29a767b6c4
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 18 Dec 2022 21:48:33 GMT
ETag: "a4757bbce52e1e30b2818dcd108e5a9300121b4d"
Last-Modified: Wed, 14 Dec 2022 21:48:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3173
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53ad996c0afa-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a29a4c6b4ba43b8d4b85a33b27279a06
a9177ccbe185ee26f4e92115a4bc5831b64d050b
c2409b47733ef77aeaf73719b0c5fd6294c50c5e579f6ab79f71503efad63e6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36143)
Hash a08dfd96c563f96f7d11b4858aecfa13
d9abee2c38b89d3dea85e76bb741bb8f4f993d49
fedde263fa3b4116029d93d0250f5eab845964d5fcf24e40ffbcd9bf292a0db4
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 06:09:06 GMT
expires: Thu, 14 Dec 2023 06:09:06 GMT
cache-control: public, max-age=31536000
age: 68766
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992;0.3744294153631269
88.212.201.204200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992;0.3744294153631269
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 43af276eefaf4f8c43f9d1205ed559b0
0f538bb412beae5e68af2a10e782e681b0fc3a45
49f818c3bf653b785505eb4582687ef1b6d2bd0a208b6c975bba742c768bb91b
GET /hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992;0.3744294153631269 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kozbanov-lawyer.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 15 Dec 2022 01:15:12 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Tue, 14 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ad34963d0d5709524ae615ab7edafcaa
80ece09b8a77b654f09c159cf8754684de843237
42e9fe985b67d7806a10dd03b66607b5ac731202b5b630a3f58f98ae26fee13c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c4bdd6ef3e0ef2c33868d96eacf07dec
e37067aed86afe6d61372f325d5485dfcd35a350
56b8dc4555085a686f9cad922e1dc169140ae8d6475e24524096ca6f05576073
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu8fD25G5pYmtpab0cD7WNrLIJpIFQbWi1WpDSkTFg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 6.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8fD25G5pYmtpab0cD7WNrLIJpIFQbWi1WpDSkTFg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash f4649ea8c3808cb5c5c8b143fe401b45
40c0ec0a4134600761ca5e8207fb10f2dce12499
a455ad7e45e929b68b0308e913e1afe4227408121393b250e5e34f75ed765bdc
GET /ytc/AMLnZu8fD25G5pYmtpab0cD7WNrLIJpIFQbWi1WpDSkTFg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6035
x-xss-protection: 0
date: Thu, 15 Dec 2022 00:40:55 GMT
expires: Fri, 29 Jul 2022 16:59:37 GMT
cache-control: public, max-age=86400, no-transform
age: 2057
etag: "va9"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/MpfEcqBrm0U/sddefault.webp
142.250.74.86200 OK 25 kB URL HTTP/2 i.ytimg.com/vi_webp/MpfEcqBrm0U/sddefault.webp
IP 142.250.74.86:0
Hash 5f0cc4d65b25b4c96ed5735d04c0371b
84fc9c6b984beebd1a2311f96e170e297b4276cc
bc197e16fdf073f654044a2df2fd1076bf61179b86ee5007fb3c65d9c5126d2f
GET /vi_webp/MpfEcqBrm0U/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 24598
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 01:15:12 GMT
expires: Thu, 15 Dec 2022 03:15:12 GMT
cache-control: public, max-age=7200
etag: "1657738045"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 500d7838b7582b456b8025ffe03ac9a8
ba64ec0d9ae36361848bc1be73a99e7c38575271
0da1844c4988d6497821f944b47dd19158be73f10deac19945ebdd9c18927485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ad34963d0d5709524ae615ab7edafcaa
80ece09b8a77b654f09c159cf8754684de843237
42e9fe985b67d7806a10dd03b66607b5ac731202b5b630a3f58f98ae26fee13c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash eb84e6a011a9528eb9a80989e38b9273
0dfd05338986086205c7c7cc834710ecd977c595
7ef7ceaad733fe6d750d693f372ad861326524ee9c8c332b02728d85ae98e5e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 01:15:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0
188.114.96.1404 Not Found 6.7 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (20374), with CRLF, LF line terminators
Hash 280f65c1c48534c96982d72e08f371da
7c2ffe709212e969494d9b8353e691fbcb144869
a737466094912630582a7e271cf20d02d34d62ae584f39d17a4e7bea8be34cd3
GET /wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
HTTP/1.1 404 Not Found
Date: Thu, 15 Dec 2022 01:15:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
Link: <http://kozbanov-lawyer.ru/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtV8YxrsGc8Tdw7%2FpJTAAG19c8YsZuKuELa6WlkkXAQNh1EFHRIN5JpjWWsxENUrL2OS54IhCBNarGosPoyoXiRFcdcjJUmuXq1NH8lA0lT6IIe4ypjUCufV1OAFEQxzZ7iFuHI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 779b53ad8d89b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.24.14200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 01:15:13 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 634159
expires: Tue, 05 Dec 2023 01:15:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYei8PK3S1h52hJHh26U8%2FzeqEtn7Qy87WVH%2BAXNLy%2BgZWcjwaNqHQjmFaw3uz9W9Y7LZA8UgE%2BJIo6i9QZmy53ZpUfwT23WUSQjN3pU7%2FZcZitC6YSb9YvnPUFaI82GR%2FrRXpHW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 779b53b0cf1cb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext
IP 142.250.74.106:0
GET /css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Dec 2022 01:15:10 GMT
date: Thu, 15 Dec 2022 01:15:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&subset=cyrillic
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&subset=cyrillic
IP 142.250.74.106:0
GET /css?family=Oswald:300,400,500,600,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Dec 2022 01:15:10 GMT
date: Thu, 15 Dec 2022 01:15:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
188.114.96.1200 OK 0 B URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
IP 188.114.96.1:0
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/prinimajutsja-li-prinjatye-objazatelstva-bytna-vozvraty-proshlyh-let-51992
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 01:15:11 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gF5G8BrZUi7JpPi7A1cCD3SXUsSN6aRVrLNuAC173GJEZwzWO5BAJVARC%2Bj6NRz40txYEnmWRKy9loiEAYDsbRY1s0jekfpdhlq%2FasW8Ajb8tFRGdZz%2FMIsuYf8PvP8dl%2Bf0O8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 779b539fad6a1c06-OSL
alt-svc: h2=":443"; ma=60
partnerforce.ru/widget/law/v4/js/loader.min.js
104.21.16.253200 OK 0 B URL HTTP/2 partnerforce.ru/widget/law/v4/js/loader.min.js
IP 104.21.16.253:0
GET /widget/law/v4/js/loader.min.js HTTP/1.1
Host: partnerforce.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 01:15:12 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 16:48:18 GMT
etag: W/"5ef383d2-f6a9"
x-cache-skip: 100
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3o2%2BIBmSzKPh5c8jrNDDPLFk8aAQEmOjWUtm3UsJZYMZBcae9a3Da8eu%2BrMRlryanqJGiHacRaeDu1XenNFQY6R0S%2Bf5juLyOKnWq4oTS%2FmQHQ5AsXKRsLOSCx71yLFQg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 779b53aa786f1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2