r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15090
Expires: Mon, 05 Dec 2022 14:09:01 GMT
Date: Mon, 05 Dec 2022 09:57:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3333
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:57:31 GMT
Last-Modified: Mon, 05 Dec 2022 09:01:58 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16433
Expires: Mon, 05 Dec 2022 14:31:24 GMT
Date: Mon, 05 Dec 2022 09:57:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 09:20:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2236
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 58Jcp+TYCC3BzfCpMA5Ld1EF20orD31tz2qiO5fAIAztG6/dPbaqCNiReYexHoe+RDumtc/xULQ=
x-amz-request-id: WSKSKXWCXDDT3RSR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 09:47:22 GMT
age: 609
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:57:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js?ver=5.1.15
104.17.25.14 200 OK 38 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js?ver=5.1.15
IP 104.17.25.14:0
File type ASCII text, with very long lines (32014)
Hash afc78f39e411039e53ae7a7043707567
8750774d0dcd88e3f2339fb4226363ba97413a69
097a6af08075e1110c989dc7ca7c28fc8c122f523fdbd4b7d39047b5cf92a916
GET /ajax/libs/gsap/1.19.1/TweenMax.min.js?ver=5.1.15 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 37930
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03e71-1b8f0"
Last-Modified: Mon, 04 May 2020 16:10:25 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 53978
Expires: Sat, 25 Nov 2023 09:57:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFuYl9i1E%2Bxy5%2FUullxz5%2FLPpLcePHWsyzkfUEdgYkZ3HK3zh57rtZAf7uO7Xq8jAHkjV4IsI9CU0wbcp3BtP%2B%2FKmsTVZzX27R34l2qgWq9PYkhnZ8dyShd6tefh8CWuT0M6dBPe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774beb08ca980b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/plugins/ScrollToPlugin.min.js?ver=5.1.15
104.17.25.14 200 OK 1.5 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/plugins/ScrollToPlugin.min.js?ver=5.1.15
IP 104.17.25.14:0
File type ASCII text, with very long lines (3015)
Hash ed3608fd93e068d16f7e5a6116bc09a9
03ddcdfcbe34e12d31d4bbb9e266a2018bc8f50f
a90361aa6481ea150ff03994744161e7ec16b4031b126ef65e33090a5356b592
GET /ajax/libs/gsap/1.19.1/plugins/ScrollToPlugin.min.js?ver=5.1.15 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1535
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03e71-d47"
Last-Modified: Mon, 04 May 2020 16:10:25 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 53978
Expires: Sat, 25 Nov 2023 09:57:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJmADGMtHWOtMMFdEr3EAmkM%2BJY%2FVSNYnFuqxoaLx3KS6xO%2BF8ChgTkYX4k8%2B2hJxjylOBfQLcAjkLtdhR4lPmuUxJrlEkcY8jUxf0hZG5DMbjjdxS94c3FiN1HYt6XeYuX9HkDg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774beb08cfbe0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/easing/EasePack.min.js?ver=5.1.15
104.17.25.14 200 OK 2.1 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/easing/EasePack.min.js?ver=5.1.15
IP 104.17.25.14:0
File type ASCII text, with very long lines (5086)
Hash 9e7764ec17b55e77819037224bd92bb7
1dc362d1a3ac9d922d53f2ad57ba0588d186e7ef
c2a76ea1ffdf4e6a5de615ca2428ba7af1c2105b8df2a3ba8f77b46a4b1cd270
GET /ajax/libs/gsap/1.19.1/easing/EasePack.min.js?ver=5.1.15 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2059
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03e71-155f"
Last-Modified: Mon, 04 May 2020 16:10:25 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 53978
Expires: Sat, 25 Nov 2023 09:57:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFKp9dQGboS9sqALOV6DNJ9urA4AHT4grWa6b5pxCTAozrBGUBMCOI%2BpMzbr77SYkZ8rFLP7GghiB86k1cVWKhPHyuasIdgWkm%2B6VW4GqzT20d0TSD38X9SYihU5DseqJLC16TsJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774beb08cff6b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.1.15
216.58.211.10 200 OK 5.5 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.1.15
IP 216.58.211.10:0
File type ASCII text, with very long lines (2220)
Hash f72713534a64bf9c9aaee850092e823e
3ab0bb192e219d115b92f5fd590b43698d44d717
044da58d8894bb8f8464c19e34d3f4c454c222618f0c8f98aa705549c0215d97
GET /ajax/libs/webfont/1.6.16/webfont.js?ver=5.1.15 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 5480
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 17:06:52 GMT
Expires: Thu, 30 Nov 2023 17:06:52 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 406239
goleneva.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
185.68.16.167 200 OK 4.3 kB URL HTTP/1.1 goleneva.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (25245), with no line terminators
Hash 0c2c7ed3aa8c5a3e8d81b026b7fe076a
e19e0f4816ba4d6b0790ec1c29519df465f5e102
6a430f23913e7cae6be94adbfd5f755932376cffb361662b79c832cde61b76d9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.15 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 04 Aug 2022 20:57:21 GMT
ETag: W/"62ec32b1-629d"
x-ray: p999:0.000/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/wp-content/plugins/pixlikes/css/public.css?ver=1.0.0
185.68.16.167 200 OK 69 B URL HTTP/1.1 goleneva.com/wp-content/plugins/pixlikes/css/public.css?ver=1.0.0
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with no line terminators
Hash 7ad1b7e0db0560078882fa2028e1d7f2
33302a61bc792f5e0d8dc195b407574e2400a722
6127435a62e89f7b5c73dac0df2d39218f6efd66f04981b3e07f9f33682a2132
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pixlikes/css/public.css?ver=1.0.0 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: text/css
Content-Length: 69
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2016 08:03:21 GMT
ETag: "5822d849-45"
x-ray: p999:0.000/wn26928:0.000/
Accept-Ranges: bytes
goleneva.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.5.1
185.68.16.167 200 OK 1.3 kB URL HTTP/1.1 goleneva.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.5.1
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
Hash 00919a9e82efeacad78f464d2a3f0a90
7c2ca013d7bf3637d915df81c2c108258acde4cf
21a733630f12cb73830751141dde1a8fff18e596cdb1d5827ece00c9a169ef52
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.5.1 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: text/css
Content-Length: 1270
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2016 08:00:37 GMT
ETag: "5822d7a5-4f6"
x-ray: p999:0.001/wn26928:0.000/
Accept-Ranges: bytes
goleneva.com/wp-content/themes/rosa/assets/js/vendor/modernizr.min.js?ver=3.3.1
185.68.16.167 200 OK 6.7 kB URL HTTP/1.1 goleneva.com/wp-content/themes/rosa/assets/js/vendor/modernizr.min.js?ver=3.3.1
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (16836)
Hash 6c41dcba6cb2ef98584defed6e1b3409
e6ee56b62889c8d2619a55b2275aedb1e16c38dc
9799ba3977bd0cd77bcfc1ada5ebbc57670ba0c3a3109d65de87289b1c5f2fdd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/rosa/assets/js/vendor/modernizr.min.js?ver=3.3.1 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 07 Jan 2021 13:35:08 GMT
ETag: W/"5ff70e0c-4441"
x-ray: p999:0.001/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
185.68.16.167 200 OK 4.0 kB URL HTTP/1.1 goleneva.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (9959)
Hash 419dfcd162f9bd3cc6b9fd300745e1cd
5ac35115d28ff266bbab8f3e44dc6b8e23a62352
e9d520ac33d695444a437b0e1d64e86099c078238f5aa157d8148bf34aa7048a
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2016 07:59:14 GMT
ETag: W/"5822d752-2748"
x-ray: p999:0.016/wn26928:0.000/
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 09:08:58 GMT
cache-control: public,max-age=3600
age: 2913
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
pxgcdn.com/js/rs/9.5.7/index.js?ver=5.1.15
104.26.9.223 200 OK 17 kB URL HTTP/1.1 pxgcdn.com/js/rs/9.5.7/index.js?ver=5.1.15
IP 104.26.9.223:0
File type ASCII text, with very long lines (1020)
Hash b67f1291832e3eae3c38b5328e773d7c
c946795d72b983badab0a6c46ac6b14dcc785dc0
e3fd7beba85d6a003ab1570bb009673dc0be05e8e211a14613ea5640ad3e8a2e
GET /js/rs/9.5.7/index.js?ver=5.1.15 HTTP/1.1
Host: pxgcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 09 Jun 2016 08:25:57 GMT
Vary: Accept-Encoding
ETag: W/"57592815-ceb0"
Expires: Tue, 17 Oct 2023 23:05:51 GMT
Cache-Control: public, max-age=31536000, must-revalidate, proxy-revalidate
Pragma: public
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,OPTIONS
Access-Control-Allow-Headers: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4143784
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pj13wv6syC%2BuBAOwRL%2BdX0PS4iL%2BCdA5ocSeRMZaRVS6u1drACHFLtgqgjdHnquFhaTxhgtw0yr7U3V4RkpzugD6JXOAtxDkpSOlZGciN5Q2mLeEdPEEjnnGdb0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774beb0a0cafb505-OSL
alt-svc: h2=":443"; ma=60
goleneva.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
185.68.16.167 200 OK 34 kB URL HTTP/1.1 goleneva.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (31997)
Hash 8c6c351a8e97ace5b4227af3c49f5020
d58977cb32b6258dd25a27dea593ce59e2d3c739
d2d9c5c597eda3d760a4d9f9ad7357253551e34431d0466dd619f8ab0f3d86f3
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 04 Aug 2022 20:57:20 GMT
ETag: W/"62ec32b0-17a69"
x-ray: p999:0.000/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
185.68.16.167 200 OK 4.4 kB URL HTTP/1.1 goleneva.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (9071)
Hash 53aa84aa7979d1a3fd0cb0394c1b6416
5573c7a607bff9795953cdb3385527b83083fb08
9cb42b177c640d8df8718196a1ee994b1249659d9b1d3c8a90e8b3436ebab8ed
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.15 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 04 Aug 2022 20:57:20 GMT
ETag: W/"62ec32b0-2eaf"
x-ray: p999:0.000/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/?p=5622
185.68.16.167 200 OK 90 kB IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5679)
Hash 563fe7dba8cf4dd8d71df4d70fb9dc4f
9b4c6af0ec92fd9408dfbacb26ec1128ca2e1480
4e82dda0d7040cb775a7212cb237f6526805a5a3def4c19d3e35226ee31e127a
Analyzer Verdict Alert fortinet Malware
GET /?p=5622 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Pingback: http://goleneva.com/xmlrpc.php
Link: <http://goleneva.com/index.php?rest_route=/>; rel="https://api.w.org/", <http://goleneva.com/?p=5622>; rel=shortlink
x-ray: p999:0.370/wn26928:0.370/wa26928:D=362516
Content-Encoding: gzip
goleneva.com/wp-content/themes/rosa/style.css?ver=2.8.0
185.68.16.167 200 OK 74 kB URL HTTP/1.1 goleneva.com/wp-content/themes/rosa/style.css?ver=2.8.0
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type Unicode text, UTF-8 text, with very long lines (533)
Hash 7ad05fbc5173fb1ce5fb5e9049d4a56b
a55fff6c01a8ace957015c94c8722d1b91b135b5
f225c1a2145f96ed95525283aa2622e3486136cea79b338c037e992f3b01ad39
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/rosa/style.css?ver=2.8.0 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 07 Jan 2021 13:35:08 GMT
ETag: W/"5ff70e0c-568db"
x-ray: p999:0.006/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/wp-content/plugins/pixlikes/js/public.js?ver=1.0.0
185.68.16.167 200 OK 1.3 kB URL HTTP/1.1 goleneva.com/wp-content/plugins/pixlikes/js/public.js?ver=1.0.0
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
Hash 0374a340cfdae22374c77d525dbff602
dc7d4cdc060f9023798f1eed750aad831c4f1bf4
4d79a98df1d603fc3b8801223f29abd2430c0d51f6ce28ed92c346405271ce6e
GET /wp-content/plugins/pixlikes/js/public.js?ver=1.0.0 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2016 08:03:21 GMT
ETag: W/"5822d849-e21"
x-ray: p999:0.000/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/wp-includes/js/comment-reply.min.js?ver=5.1.15
185.68.16.167 200 OK 1.1 kB URL HTTP/1.1 goleneva.com/wp-includes/js/comment-reply.min.js?ver=5.1.15
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (2160), with no line terminators
Hash bb73be8e6f01377fb86758447abe64c4
d8e24952ee9b11bda91eb78d966f924d627f20a9
7ff67382393b8df031a22ff1fb245696007f3867c9ad4e60cc6380f5cc19c4c1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js?ver=5.1.15 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 04 Aug 2022 20:57:20 GMT
ETag: W/"62ec32b0-870"
x-ray: p999:0.000/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1
185.68.16.167 200 OK 3.4 kB URL HTTP/1.1 goleneva.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
Hash d16c66e5086939de4e71d3a9caafab8a
5c71f5b7d86bb4e09b092117f4018f993b6c4f6c
779112ce979b44df840d01ec9c14c7a8205ac13155edc2987a9c06f38194d758
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.5.1 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2016 08:00:37 GMT
ETag: W/"5822d7a5-2fcf"
x-ray: p999:0.000/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
185.68.16.167 200 OK 5.9 kB URL HTTP/1.1 goleneva.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (14900)
Hash 54ee793a1e94465ad59f47c1856ec3fb
cba0cdaf5f656d0da42c4683760db927fbe6d2ad
4eaffc0b4c4b3dd4f022f9e7edbea1907c00a53f30f2c27405d6b31c1d35b835
GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2016 08:00:37 GMT
ETag: W/"5822d7a5-3b90"
x-ray: p999:0.001/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/wp-content/themes/rosa/assets/js/plugins.js?ver=2.8.0
185.68.16.167 200 OK 48 kB URL HTTP/1.1 goleneva.com/wp-content/themes/rosa/assets/js/plugins.js?ver=2.8.0
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (6643)
Hash e995c8bf2cad90d92fe3fd11f6492dc0
78c1c6bdb304436add5652295cccc607ecbb0d74
f90a0733be6cee0d5d51cb8bfdfe0a3dc705f576606492e4ce69fe56018ab231
GET /wp-content/themes/rosa/assets/js/plugins.js?ver=2.8.0 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 07 Jan 2021 13:35:08 GMT
ETag: W/"5ff70e0c-28465"
x-ray: p999:0.000/wn26928:0.000/
Content-Encoding: gzip
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123 308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Mon, 05 Dec 2022 09:57:32 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
goleneva.com/wp-includes/js/wp-embed.min.js?ver=5.1.15
185.68.16.167 200 OK 1.4 kB URL HTTP/1.1 goleneva.com/wp-includes/js/wp-embed.min.js?ver=5.1.15
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.1.15 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:32 GMT
Content-Type: application/javascript
Content-Length: 1391
Connection: keep-alive
Last-Modified: Thu, 04 Aug 2022 20:57:20 GMT
ETag: "62ec32b0-56f"
x-ray: p999:0.000/wn26928:0.000/
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3318
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:57:32 GMT
Last-Modified: Mon, 05 Dec 2022 09:02:14 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Anonymous+Pro:regular,italic,700,700italic%7CHerr+Von+Muellerhoff:regular%7CCabin:regular%7CCabin:regular,italic,500,500italic,600,600italic,700,700italic&subset=latin-ext,latin-ext,latin,latin
142.250.74.106 200 OK 951 B URL HTTP/1.1 fonts.googleapis.com/css?family=Anonymous+Pro:regular,italic,700,700italic%7CHerr+Von+Muellerhoff:regular%7CCabin:regular%7CCabin:regular,italic,500,500italic,600,600italic,700,700italic&subset=latin-ext,latin-ext,latin,latin
IP 142.250.74.106:0
Hash ac2fafbe158e5b6fd8190b4e154f32a7
97ffd115060844ed8429e7edd3ae7b06fa525575
aaf641a123b17bb2c24de744d7a8699144fcf9296c03edae9efeb27683504b7f
GET /css?family=Anonymous+Pro:regular,italic,700,700italic%7CHerr+Von+Muellerhoff:regular%7CCabin:regular%7CCabin:regular,italic,500,500italic,600,600italic,700,700italic&subset=latin-ext,latin-ext,latin,latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Dec 2022 09:57:32 GMT
Date: Mon, 05 Dec 2022 09:57:32 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123 200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116406 bytes)
Hash 722e21e12eaa431752dfae3577fe0619
cdf8ee4381284ad6b6081663ae6ee322998e1b35
998242560562ed6542b378745338b65d06b0001ee9c4c9bb843166524bd4c407
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goleneva.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116406
date: Mon, 05 Dec 2022 09:57:32 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
goleneva.com/wp-content/themes/rosa/assets/js/main.js?ver=2.8.0
185.68.16.167 200 OK 20 kB URL HTTP/1.1 goleneva.com/wp-content/themes/rosa/assets/js/main.js?ver=2.8.0
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type Unicode text, UTF-8 text, with very long lines (1987)
Hash e5b12472de68f33ef250104520c69c3b
018898675b961ff3da8a75eaecb30b23b5b40f22
c15043d74b5f9901e1bf4ede5f7fef11dcd2a50f96f88e430d04f6553638b37a
GET /wp-content/themes/rosa/assets/js/main.js?ver=2.8.0 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 07 Jan 2021 13:35:08 GMT
ETag: W/"5ff70e0c-10bbf"
x-ray: p999:0.001/wn26928:0.000/
Content-Encoding: gzip
goleneva.com/wp-content/plugins/wp-spamfree/js/wpsfv2-js.php
185.68.16.167 200 OK 0 B URL HTTP/1.1 goleneva.com/wp-content/plugins/wp-spamfree/js/wpsfv2-js.php
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
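Analyzer Verdict Alert fortinet Malware (the response body is 0 B and the three hashes above are the MD5, SHA-1 and SHA-256 of empty input, so this verdict presumably rests on the URL or host rather than on content, and the hashes are not usable as indicators)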
GET /wp-content/plugins/wp-spamfree/js/wpsfv2-js.php HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:32 GMT
Content-Type: application/x-javascript
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: vmntklzaDElCdtsn=CDglhjstCgxGvaGl; path=/
x-ray: p999:0.406/wn26928:0.410/wa26928:D=404865
Accept-Ranges: bytes
goleneva.com/wp-content/uploads/2018/02/logo-au1-1.png
185.68.16.167 200 OK 34 kB URL HTTP/1.1 goleneva.com/wp-content/uploads/2018/02/logo-au1-1.png
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type PNG image data, 1000 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f2d92eb4486e4055b2b615330a4e38e
d736ef4fda1ea636fec193b07a52cfbddaa88bce
13978041ebc5b090fcc0e4e6779161fdcd4da5c9d8e24ccdd59af42a9009565e
GET /wp-content/uploads/2018/02/logo-au1-1.png HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:32 GMT
Content-Type: image/png
Content-Length: 34153
Connection: keep-alive
Last-Modified: Thu, 08 Feb 2018 07:29:30 GMT
ETag: "5a7bfc5a-8569"
x-ray: p999:0.001/wn26928:0.000/
Accept-Ranges: bytes
fonts.gstatic.com/s/anonymouspro/v21/rP2cp2a15UIB7Un-bOeISG3pFuAT4CDc7ZOy.woff2
216.58.207.227 200 OK 11 kB URL HTTP/1.1 fonts.gstatic.com/s/anonymouspro/v21/rP2cp2a15UIB7Un-bOeISG3pFuAT4CDc7ZOy.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 10964, version 1.0\012- data
Hash b3d4e3e4aa8203eb2b8746640d25f5fd
6ffdd1ce54b4f9bb6c501921e5a927242274b662
918274f47307bb583ae276d90b12d83ffc52a99ac569a7b8834660a588f042df
GET /s/anonymouspro/v21/rP2cp2a15UIB7Un-bOeISG3pFuAT4CDc7ZOy.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goleneva.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 10964
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 00:37:55 GMT
Expires: Fri, 01 Dec 2023 00:37:55 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 19:15:30 GMT
Content-Type: font/woff2
Age: 379177
fonts.gstatic.com/s/anonymouspro/v21/rP2cp2a15UIB7Un-bOeISG3pFuAT4C7c7Q.woff2
216.58.207.227 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/anonymouspro/v21/rP2cp2a15UIB7Un-bOeISG3pFuAT4C7c7Q.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16180, version 1.0\012- data
Hash 938010909da2a211d2e3ea515b508e5a
a3b67e17db4836ef815886c0e3e8553123703ee8
375e14fc0e64a2339788b0e6cf9a7b2ac9eef20314cfab80373eded4708f7dfc
GET /s/anonymouspro/v21/rP2cp2a15UIB7Un-bOeISG3pFuAT4C7c7Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goleneva.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16180
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 10:20:33 GMT
Expires: Thu, 30 Nov 2023 10:20:33 GMT
Cache-Control: public, max-age=31536000
Age: 430619
Last-Modified: Tue, 19 Apr 2022 19:15:28 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHlU29RH9.woff2
216.58.207.227 200 OK 12 kB URL HTTP/1.1 fonts.gstatic.com/s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHlU29RH9.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11548, version 1.0\012- data
Hash e8c1d93ccff36fd0d68c51d5a05018bd
edec0fa755fd409b6f43617c8ca671d165da7241
f04fe019cac501dd17d7bc5a904ed129bbca7f4ace28684fd072a316505897bc
GET /s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHlU29RH9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goleneva.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11548
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 00:37:55 GMT
Expires: Fri, 01 Dec 2023 00:37:55 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 19:00:08 GMT
Content-Type: font/woff2
Age: 379177
fonts.gstatic.com/s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHl829RH9.woff2
216.58.207.227 200 OK 9.7 kB URL HTTP/1.1 fonts.gstatic.com/s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHl829RH9.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9696, version 1.0\012- data
Hash 4715115d8c43e4523d1f5fbc02e402f2
0594a5f918b0f492483364157b9b5eed7891aa95
476607c776c9e8cabc7e1489125be12b17477e1ddaf6b874d2af57182e0989b8
GET /s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHl829RH9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goleneva.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9696
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 09:13:13 GMT
Expires: Thu, 30 Nov 2023 09:13:13 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 19:33:27 GMT
Content-Type: font/woff2
Age: 434659
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvp9nsBXw.woff2
216.58.207.227 200 OK 14 kB URL HTTP/1.1 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvp9nsBXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13808, version 1.0\012- data
Hash b9cf0889911ac57ee24c7c6886e50070
13c5cea6cedf0ccb68abf357fabe33d5f5477d5f
4190f73db7190e7ec4fc39666881acd3920fa73ab44c12bf7e8a6e5a76191e44
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvp9nsBXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goleneva.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 13808
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 10:47:35 GMT
Expires: Thu, 30 Nov 2023 10:47:35 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 24 Jun 2022 18:41:45 GMT
Content-Type: font/woff2
Age: 428997
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
216.58.207.227 200 OK 26 kB URL HTTP/1.1 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Hash 312bcfa92b0b0a09c3f404b2c662a0b6
5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goleneva.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 26100
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 19:44:39 GMT
Expires: Wed, 29 Nov 2023 19:44:39 GMT
Cache-Control: public, max-age=31536000
Age: 483173
Last-Modified: Fri, 24 Jun 2022 18:41:34 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2
216.58.207.227 200 OK 18 kB URL HTTP/1.1 fonts.gstatic.com/s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17528, version 1.0\012- data
Hash ecc73eea444a12617ca8982b3caf0685
4798b6f23a88c4ffe289a3d9e6299e4a1906f4f8
148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0
GET /s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goleneva.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17528
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 13:17:58 GMT
Expires: Fri, 01 Dec 2023 13:17:58 GMT
Cache-Control: public, max-age=31536000
Age: 333574
Last-Modified: Tue, 19 Apr 2022 18:59:58 GMT
Content-Type: font/woff2
goleneva.com/wp-content/uploads/2018/02/logo-au2.png
185.68.16.167 200 OK 33 kB URL HTTP/1.1 goleneva.com/wp-content/uploads/2018/02/logo-au2.png
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type PNG image data, 1000 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f8b844efce499e3ce941a561b3f8a3b
eeb59baa7552ceceeb8e793b2f4f9ef2d339ef72
2e6b093a892181b01a87777dca84ce5493f3c16f204927d7f57948f11bd4ac4e
GET /wp-content/uploads/2018/02/logo-au2.png HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:32 GMT
Content-Type: image/png
Content-Length: 33391
Connection: keep-alive
Last-Modified: Thu, 08 Feb 2018 07:29:22 GMT
ETag: "5a7bfc52-826f"
x-ray: p999:0.001/wn26928:0.000/
Accept-Ranges: bytes
goleneva.com/wp-content/themes/rosa/assets/fonts/icon-fonts/entypo2/entypo.woff
185.68.16.167 200 OK 45 kB URL HTTP/1.1 goleneva.com/wp-content/themes/rosa/assets/fonts/icon-fonts/entypo2/entypo.woff
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type Web Open Font Format, TrueType, length 45152, version 1.0\012- data
Hash 5460a9ba11448e34f332f25e72dc16df
9729b28b6872d971935ff58f460cf3c26dcb7380
434d5a30d2359d95efc266dbe0fffcac2c1846e133d4713bebb7c337bdfb84ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/rosa/assets/fonts/icon-fonts/entypo2/entypo.woff HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://goleneva.com/wp-content/themes/rosa/style.css?ver=2.8.0
Cookie: vmntklzaDElCdtsn=CDglhjstCgxGvaGl
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:32 GMT
Content-Type: font/woff
Content-Length: 45152
Connection: keep-alive
Last-Modified: Thu, 07 Jan 2021 13:35:08 GMT
ETag: "5ff70e0c-b060"
x-ray: p999:0.000/wn26928:0.000/
Accept-Ranges: bytes
push.services.mozilla.com/
52.38.139.17 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gZAaD9z7kYfrT7kH6VpWzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aH0tv81tCYum1YY7c/9hK8okcs4=
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123 200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goleneva.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 05 Dec 2022 09:57:32 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cabin/v26/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2
216.58.207.227 200 OK 28 kB URL HTTP/1.1 fonts.gstatic.com/s/cabin/v26/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 27584, version 1.0\012- data
Hash 4b1ccde40f50e18ba65d8dd6c37b9568
c3207ebc1f717a9312ffd980ff2167ca2e48019f
8fbad22272f358d3e1a9e09a50761bd38b44cd558e3316d562e33804f9536a54
GET /s/cabin/v26/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goleneva.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 27584
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:55:12 GMT
Expires: Sun, 03 Dec 2023 07:55:12 GMT
Cache-Control: public, max-age=31536000
Age: 180140
Last-Modified: Fri, 24 Jun 2022 18:42:43 GMT
Content-Type: font/woff2
goleneva.com/wp-content/plugins/wp-spamfree/img/wpsf-img.php
185.68.16.167 200 OK 43 B URL HTTP/1.1 goleneva.com/wp-content/plugins/wp-spamfree/img/wpsf-img.php
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type GIF image data, version 89a, 1 x 1\012- data
Hash 480602261bbb5605d5b81035bcfa9547
ae86807d1cc8ba2f65b00740203c26935aa95687
3a81352c430188f31c0a3f342f190600103e5f8886f24bef101b4f2e328764bb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-spamfree/img/wpsf-img.php HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:32 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: vmntklzaDElCdtsn=CDglhjstCgxGvaGl; path=/
x-ray: p999:0.366/wn26928:0.370/wa26928:D=328134
goleneva.com/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
185.68.16.167 200 OK 77 kB URL HTTP/1.1 goleneva.com/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://goleneva.com/wp-content/themes/rosa/style.css?ver=2.8.0
Cookie: vmntklzaDElCdtsn=CDglhjstCgxGvaGl
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:32 GMT
Content-Type: font/woff2
Content-Length: 77160
Connection: keep-alive
Last-Modified: Thu, 07 Jan 2021 13:35:09 GMT
ETag: "5ff70e0d-12d68"
x-ray: p999:0.001/wn26928:0.000/
Accept-Ranges: bytes
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146 200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goleneva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=18493
date: Mon, 05 Dec 2022 09:57:32 GMT
X-Firefox-Spdy: h2
s7.addthis.com/l10n/client.ru.min.json
23.38.200.123 200 OK 2.3 kB URL HTTP/2 s7.addthis.com/l10n/client.ru.min.json
IP 23.38.200.123:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3622), with no line terminators
Hash 10ea9c2d50791faafa23799f60982fc1
19958856c7530cb4cb2c1cb15f0e70f13ca3a685
7cdb1dd577df8592637f78d44db8deb3600c1e921c566a91738df2e5904c7d17
GET /l10n/client.ru.min.json HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://goleneva.com
Connection: keep-alive
Referer: http://goleneva.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-16d7"
cache-control: public, s-maxage=604800
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 2276
date: Mon, 05 Dec 2022 09:57:32 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
0.gravatar.com/avatar/695c04e4cfa058350428cd27ee429368?s=80&d=mm&r=g
192.0.73.2 200 OK 1.3 kB URL HTTP/1.1 0.gravatar.com/avatar/695c04e4cfa058350428cd27ee429368?s=80&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 80x80, components 3\012- data
Hash 4c25cdcde560f6aef479b1f52e91ba08
39e1a6a8d0518daea7ae198d96fbda3ef1f6f3a9
faa31d59125ea8a13f09031f0d4cdc036e09d8e354f896ff4d20dff8107a3bc0
GET /avatar/695c04e4cfa058350428cd27ee429368?s=80&d=mm&r=g HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:32 GMT
Content-Type: image/jpeg
Content-Length: 1288
Connection: keep-alive
Last-Modified: Thu, 16 Jun 2011 12:14:50 GMT
Link: <https://www.gravatar.com/avatar/695c04e4cfa058350428cd27ee429368?s=80&d=mm&r=g>; rel="canonical"
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="695c04e4cfa058350428cd27ee429368.png"
Expires: Mon, 05 Dec 2022 10:02:32 GMT
Cache-Control: max-age=300
X-nc: MISS arn 2
Accept-Ranges: bytes
m.addthis.com/live/red_lojson/300lo.json?si=638dc0893d2d5108&bkl=0&bl=1&pdt=1014&sid=638dc0893d2d5108&pub=&rev=v8.28.8-wp&ln=ru&pc=men&cb=0&ab=-&dp=goleneva.com&fp=%3Fp%3D5622&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670234249901&jsl=1&uvs=638dc089b2c75a5c000&skipb=1&callback=addthis.cbs.jsonp__37708095263848730
23.38.200.123 200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=638dc0893d2d5108&bkl=0&bl=1&pdt=1014&sid=638dc0893d2d5108&pub=&rev=v8.28.8-wp&ln=ru&pc=men&cb=0&ab=-&dp=goleneva.com&fp=%3Fp%3D5622&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670234249901&jsl=1&uvs=638dc089b2c75a5c000&skipb=1&callback=addthis.cbs.jsonp__37708095263848730
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c528e83075f7c770ff81d2f36c9e69bb
ae25fe37419be19fcd4f3e3bb7fccbc274a1e625
4ef9d98e74d73597c9adec93ba2e58630890b7582fdb2de5a133b50be5abb59d
GET /live/red_lojson/300lo.json?si=638dc0893d2d5108&bkl=0&bl=1&pdt=1014&sid=638dc0893d2d5108&pub=&rev=v8.28.8-wp&ln=ru&pc=men&cb=0&ab=-&dp=goleneva.com&fp=%3Fp%3D5622&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670234249901&jsl=1&uvs=638dc089b2c75a5c000&skipb=1&callback=addthis.cbs.jsonp__37708095263848730 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goleneva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 05 Dec 2022 09:57:32 GMT
X-Firefox-Spdy: h2
s7.addthis.com/static/menu.c9fe060fcef7c720d644.js
23.38.200.123 200 OK 9.0 kB URL HTTP/2 s7.addthis.com/static/menu.c9fe060fcef7c720d644.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (23898), with no line terminators
Hash 36b64845e2aef23701f87e66bf37ae79
6daf53110041c85906ee5aecf09ce3b869743c04
6a15a63dc2d04f8224e886b3fc41827cf7f9845659027f73f11b4711a3f618e1
GET /static/menu.c9fe060fcef7c720d644.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goleneva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5d5d"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 8962
date: Mon, 05 Dec 2022 09:57:33 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
goleneva.com/favicon.ico
185.68.16.167 200 OK 0 B IP 185.68.16.167:0
ASN #200000 Hosting Ukraine LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: goleneva.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goleneva.com/?p=5622
Cookie: vmntklzaDElCdtsn=CDglhjstCgxGvaGl; __atuvc=1%7C49; __atuvs=638dc089b2c75a5c000
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:57:33 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 0
Connection: keep-alive
x-ray: p999:0.298/wn26928:0.290/wa26928:D=132270
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9446
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 09:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9446
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 09:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7394
Expires: Mon, 05 Dec 2022 12:00:47 GMT
Date: Mon, 05 Dec 2022 09:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9446
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 09:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7394
Expires: Mon, 05 Dec 2022 12:00:47 GMT
Date: Mon, 05 Dec 2022 09:57:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 12:09:06 GMT
age: 78507
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 44094
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 43669
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2jx-M9MgKrJXU4yYsJzWqNXwruIGhFNWkD7GcPdqddnEzcNgFw2luw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:35:35 GMT
age: 22918
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 25899
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:26:44 GMT
age: 23449
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/static/100.17feec3d215fd90d3df4.js
23.38.200.123 200 OK 423 B URL HTTP/2 s7.addthis.com/static/100.17feec3d215fd90d3df4.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (748), with no line terminators
Hash d7316e741ee91ce7e2f1b2619b70eb7a
244753ff8875cfb3950e4fe646ed0c4c2e798418
a5b148ef03b6547813221988df13f95885e68d91603972f9d1311f601306e94a
GET /static/100.17feec3d215fd90d3df4.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goleneva.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-2ec"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 423
date: Mon, 05 Dec 2022 09:57:35 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/11.2.0/svg/1f604.svg
192.0.77.48 200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/11.2.0/svg/1f604.svg
IP 192.0.77.48:0
GET /images/core/emoji/11.2.0/svg/1f604.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goleneva.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:57:32 GMT
content-type: image/svg+xml
last-modified: Fri, 18 Jan 2019 01:27:58 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2