kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
104.21.86.10200 OK 14 kB URL HTTP/1.1 kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20374)
Hash 6949a250764d9c0b3cb3fb16a750889d
3d6a960f55696f618580cdcf48abe7d532884ec9
1ef1c0e9a623425fb3dad1e32405835637ba3a2aaf2185f8c0fd504fafa72d26
Analyzer Verdict Alert fortinet Phishing
GET /porjadok-nasledovanija-denezhnyh-vkladov-51992 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Status: HIT
X-Cache-Skip: 000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpebGIkltr6Ymf4%2By12iBzOF21gquKGCsDT3aLr5X2AFj2kXm0XU3EuYGGjFuY5fF7A%2BzUVjkluRm%2Fh0qUs0FvIbOeAlYqFJmELiM7BeDUgwaFd4QR1rSF68DOV9Tq3%2FmuIictw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76739aa09a76b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3981
Expires: Wed, 09 Nov 2022 05:00:15 GMT
Date: Wed, 09 Nov 2022 03:53:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3805
Cache-Control: max-age=114042
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:54 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:34:36 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5701
Expires: Wed, 09 Nov 2022 05:28:55 GMT
Date: Wed, 09 Nov 2022 03:53:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bdBpDzpJ6vnPwrTYx4Gk7JMZ7/9DZPTa1naNuE8BZd5EAM4nTZWGV4foywvINP4j/oDxnTKkbhI=
x-amz-request-id: EF8HAD49KP3909BR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 03:48:48 GMT
age: 306
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 03:53:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/themes/casino-theme/style.css?ver=4.9.8
104.21.86.10200 OK 474 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/style.css?ver=4.9.8
IP 104.21.86.10:0
Hash 64512c3158a4553e2793a93d47c71224
51c04d04a577de6c3ebae959d392d8d49b906733
be702a318efa54999935c28540445356ecfbba55d3ffc14776ae15e92f3a18b7
GET /wp-content/themes/casino-theme/style.css?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:19 GMT
ETag: W/"5e4d7303-330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94679
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VERJOXVAYrEtVJ39ohpCPP2uuHrhRmnNOPVa4dIlniqqHGwbnpSimS02MJrTw%2B938bxpCk68jULinUt5fyQm%2FXZBuAW0Lm1pilS2h9bCcK77KwznYB9tpmMr821XWB5W3UBF4so%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa33be6b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
104.21.86.10200 OK 451 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
IP 104.21.86.10:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash 9cbb12ded165859b75441a829fb683af
1e85f7bd7f0fa9dbc53157bbead5eb703c502db8
3dba212407392e05ef866072e63f519c9ef7365ea376cb5a8824e77726a6759b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:13 GMT
ETag: W/"5c12514d-484"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94679
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTLa8ENsdfI3yHtJ4%2F%2BOu2aTi6lY2AcS7hP0UjRl09UmfCCd0ysYnhgSu9hV%2BTzPIMCyf0ZsSJDm1C29%2BwL2Z0T0TqDrC3jYNQPvzEbNWjWr2vT0Xuq6%2Fh9sdcx4ZA9rjZu6mYg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa33917b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
104.21.86.10200 OK 676 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
IP 104.21.86.10:0
Hash aed6d7df00952fe5e2c7c636649262f6
7d27a3280224fa23a11af27e6816ba0a49ab5d70
06c5b0cd3f5177c83dc46e5fa8aca26cd4c79f9a3a256cfd03352c129039fdf6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:30:56 GMT
ETag: W/"5c125100-6cf"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94679
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOY7yAWKtIJdrwm65tANEHID%2BWLXGsVMrntKqqs6dYMhZpfcsp7ABELC9ivJnYyrkWnrfi5%2FaujSrX8JCx%2BiJYKyF2XzF%2Fykcn1chc%2BUMpfoqD4nKxSVwhqL1S8nVlXb8pns7Ak%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa33c200b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:53:54 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 559578
expires: Mon, 30 Oct 2023 03:53:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BW0icUSQpWhV2WOOlrvqEmaFeaGPbmLjDSS6d%2F%2BYxEYrIZbj2byYVTA1MlH9s2z%2FQk1Gy9Z6hfK6hZFwXYM%2F4tJlVZXzvByfhiC62QcN3OufDyfL3SQxySmVXPTcZGgm7dipm%2FLI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76739aa349dbfac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1
104.21.86.10200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1
IP 104.21.86.10:0
Hash 71cbbc2b4b75d38fde4164930c4b1a5f
bc669826f776560c05ed95d509c6048a4e731ff1
c6f60ff63ea7e00e90f3db1812ab9600d24f17a153f923db3e5fbaa31ed3342c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-153e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYxg0lKKCLBI2QZhcfRmxPaW7eUeM989a%2F5m%2FIBjRPwkosb07pDicpKEhALsy4W6iCorxHJmWSqXug2evUOJvUwZh4K7j5s9nbA5AmRRUfYnGd2Rt0FIq8jCjmzyWPM9PIHZeI4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa35c330b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1
104.21.86.10200 OK 18 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8ccc3caeb4d179c7411ced0d453568d2
24f7e038de1ff25d1d5640880a0dcc2a35a6c9ca
0f597bf99dcbb112a2ed509e8883f79ff735b518157dad9cfb59a6d685e8b144
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-1a1f0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94679
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rY27JMztvSWPxsn%2BCTkptMAu5Lqk0UGhOp6V7x2kgk55vbgqYLSfjhAtKMzsMQIASxbelb1DmoEg9AnQxANPfqrIQMHtkdoJRslLoMT3oq0dmnJSTjNKED%2FaXUZAVWWFA84BkA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa35c01b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
104.21.86.10200 OK 21 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd9634fd6b76b33a1ecc722ec66c6594
60cde4939736097ec7dc5001e889635bcf60f2b7
514351d0c268660be9fa9a34578c4146032b70f5835f6ecd4bf6b12b673cf14d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-2613e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94679
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeZksV46wWScK8v4OoFarD2gkjrI%2Fi3rD%2FjQV7iR%2FJQwqnDNnBsp4Eo2h7Anzj%2FzIPF4VDEw7vgm4qpVk3A6OhV6VKaRdB16oELBIbCLjNW47P%2BEHfhSm1FDHmok%2BiZdKtyfpk8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa36921b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1
104.21.86.10200 OK 237 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1
IP 104.21.86.10:0
Hash 42b856f70401792ff61ce39f0d15187e
d89f7caec9972737f77b4d6effc214e5ddc6e8c6
498fb25e1b77547c448f19fbbec16747f9ad3ffede9e65af1df28e6b51e7c7c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-147"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94679
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dchDZjrnBKe%2BLJuaZTEBOddsGFKBnrNFWKY%2BWPBgGbmvfmNjU0UR%2BeNm5xtweJbDC3cM5MnikHUbw2GZR8ATU8poUfaVBsCkuEjRlkOP4kaRDqtGe%2BSXysVnvd%2FMV7rEYKgeMAo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa36c380b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu.css?ver=1.0.1
104.21.86.10200 OK 2.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (11594), with no line terminators
Hash d0c9fed4ee25a9901b0075392fced627
8e15174d523c566ecd24b03bd6f64284b3bb89bc
6707a90e066997a1a63b069a02ac745de76a5d85468aad53e9a773874f7b522e
GET /wp-content/themes/casino-theme/css/menu.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:03 GMT
ETag: W/"5e4d72f3-2d4a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvaclWY3bLCr1ydRiTs8lkcXhxUHAjA3MUmkVXnbILEhLiPx0GXScrgZIL3ItZLzYi%2BW5PpL%2FPSv0hhYpLoR4AHxhaKOsT9bbP8%2FQPUk73nQyzxNfzmUQcT1tb1cwMyThnwznM0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa3792ab503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1
104.21.86.10200 OK 310 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (1519), with no line terminators
Hash d73a797f7592ab9bce3849ab5737817e
9423b36627b10be53d0806fadfe6c8d8d68f9e71
f7d7f8fbdf96b9b72d137ad3ea7ad6bfbd9b935b04f697d60d9ee4600b9478c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-5ef"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94679
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxB5lf72C9ULxvR2PwDk1VMDe0zCIkIwWJGCpEQsh4jlO5rLZ%2FNeBk4R6PkEm5u6L%2BrC6Kdpj4sjiP8bfLKUnW4Qj3IXMCGhyfGcC2d2wZkBA3SVqahbnEarCcAB%2BfOpsQ3zDLY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa3697ab51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107
104.21.86.10200 OK 792 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107
IP 104.21.86.10:0
Hash 28e92d0115685376ea13f80d4624cd77
5c49d2ba210b35e9d558c6cf13a5bccaaa950ed8
482f6d092f111156af642386342ff908983668446198cb59289e92180312dc86
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:27 GMT
ETag: W/"5c12515b-e8a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RXTpl%2BiSOPIEtbqsvHaGT80Vz5Px80ji2XzjP5UGWippZOfZ%2FlX2mwPJ6cX2YGk0qyQ3e95JUcQ5y3XjoGu10Hd1m1E08aK%2BpP7qCTXnIDga43faDZM%2FgDivuNrEZ9S6Nc%2FfQg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa3893bb503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
104.21.86.10200 OK 34 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 104.21.86.10:0
File type ASCII text, with very long lines (32077)
Hash 3a80fc6d5f853164f2f53a98659c0c21
3327cc9fd1e64d96894c1322e3ef52dea7fe4cf1
c390de9d0d8953f70b165680d6122a3fc871006c67a676030596a4c36e882674
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:01 GMT
ETag: W/"5c12517d-17ba0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOLZYaeBjsoiDAcDxnAaHV3nL1FZ2RcjS3EHyYUsmLLjQKp8Fdb4XpEl2BdS9LvB578pPdJQMPTIpWywwsJ1qyXAnw2uD%2FShl0tMj21TyuQJk3QAzYlSVDVvQkTw9i0Mp0VLSo4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa38981b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
104.21.86.10200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:01 GMT
ETag: W/"5c12517d-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTCMWcogDP%2FvpiggWJ0JdfOYopGX77SJtU0O%2FOX1N0gqFuiG%2BJv3jG7dhy2Gbb0dTGz8ogW2cGfTqWJuXb5CVQUKntmMUOT4MsPx2VhS1jkZkDb2%2FPz%2FwyNB2vzmecZx1cA9dtU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa39946b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4
104.21.86.10200 OK 589 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4
IP 104.21.86.10:0
Hash b1e45bf9bcd536be8008b443608c6c6b
0d22ff7469317a36f82f2b6274c9c791daa21b24
e140ee41b7a34f1a34911b6cd5c933673469cbd4f60777f23c1e4d82e810bfa3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: W/"5b07c29e-881"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3K%2BMJLRpFxDpCOerCxN3tyCD2j%2FnlbZRmLymGwMWk%2BWTMNzgZ%2FFkdOVJUKZUhs2YjTAUPjqmW4tJkTbDu%2FD0GHGa8VANPO9jha7yWjMZqqYx7yc1OE3ikM8kIfm6IFdJcUdlDc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa39987b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/templates/rt_vermilion/css/systems.css
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/templates/rt_vermilion/css/systems.css
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
GET /templates/rt_vermilion/css/systems.css HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 404 Not Found
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOJXYKia%2BIdlflnyZaYvCo2guOMfCqggrDlydfZvQCwoX2lmLH5U3uPQ97m0xRrmtfhhtHBNNuACx9cnVwb38c0LapunnU2j7xkxxpcyHEiVscOnJsw9BbJlMMbe19w0FTk0D8Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa32bccb4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
104.21.86.10200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
IP 104.21.86.10:0
Hash e0e4b1426b3215295e18e962a7d55f92
05ea8fd2d6c296a08cfa892650b84408ff473e7c
7551622c8e60a0bc7ea9f97ec1d26e7706618d171b4edc99ed8276872e231970
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:30:59 GMT
ETag: W/"5c125103-38f9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSU0SS7MNK3TdGdNO2o6SnpDtL4oH240Szo%2BCt1W%2FcefS0b83e3UzXkB1wicvjyE1l36BdZlXW98A2ToqUzUP8pKJCMHgFRwszG%2BxkYcze2x9QCeOza9Kz3G55Ei1LsQ%2B1AalAo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa3dc31b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
104.21.86.10200 OK 2.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
IP 104.21.86.10:0
File type ASCII text, with very long lines (6091), with no line terminators
Hash 4f4a997bc181498157d148ba9b649949
87ff26f8385fcf11c28fcc40c2e5619a8138f44d
fe722eb1adc5eb6c3642f87ba188bfb0b899130719fd73381712d6d710d3ed4b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:10 GMT
ETag: W/"5c12514a-17cb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvrBNyR8mljNpA1H5pFBpPjsmzlZFnM3C79vYpLSGdbG6du3BBTp2XH9%2BoLYD91YKKijQEWSRcG8DkAoSP1jPcEnrs9Lom5rqQ32QX4%2FKF%2FtmidzFqpYfujv2I3dlSBmMauNFUA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa3ec39b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 404 Not Found
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mv%2Fk70jjreouhhU4iisOYdf8wqCGhKUYE6XF6PWMhVmksr01E6zN2CkZFt9ommz4e6q1QvqjZL6JqlgT5WjxCsdKwQ79nXvZi%2FQA9g8TpzxxvmuVcuwT1FiVMWQl8uXlY5gIJpY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa36c08b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/edit.css?ver=1553001916
104.21.86.10200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/edit.css?ver=1553001916
IP 104.21.86.10:0
File type ASCII text, with very long lines (390), with CRLF line terminators
Hash 36d221b51828ef8bbcf62f1c250ddeba
8276b7312f88f9e7d66bc9f68deb1ac29e7eda5b
ebc9fa2711b97b9ae51a1e8bf173a46a74007041bf642614685ba36dda0717f7
GET /wp-content/themes/casino-theme/css/edit.css?ver=1553001916 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-eb2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDf1YOI7ZXpS1MkXlg8ZJ7x71pV6uUeJgQBpbAJ3zC%2Bt1AKi0b8HRmadhF93fsGT5ustSFB66xeIRrNfnwUx9nCBe5UJcmXJ6LCP03ma7yPG9DvbmKz0I3haXu6dvNXkya5BBLo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa37c3f0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215
104.21.86.10200 OK 21 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215
IP 104.21.86.10:0
Hash e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Content-Length: 21
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: "5e4d7302-15"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ne26woj2kNrnUTXOg4XGmWzDb%2BL10XmHUK71Vr3rXOQi7%2B5fGCsfqcfawZgy8e9LVy9%2FmKsZbxHmtxu7VP20%2BuU4QoJ9PqRdTTdQEtLoMJrRd45Bg35Y1IUhAhbJePOoxuDANzs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa42c680b31-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215
104.21.86.10200 OK 416 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215
IP 104.21.86.10:0
Hash a58187e217f4b2ee9cd10e8954eda607
49f6e0418c24f410db3a8c8681a7d98455d15e9d
69bf8d27242351ec81cf610c4d994e047c2ab1b5868b9e252596eee0a3d6d278
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:19 GMT
ETag: W/"5e4d7303-2ad"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3jQnQcO2NOpxO6pPOUQ3TnIdU%2F%2Bbf%2BZMsan8sLURd3k%2BnubDv7w46dwx0gHzYr0bomwPoTbUD4NCYMBhWT2LSV0tSgyyNlkdnTxFho6t08I4i5%2BaUDkXu8rmo0l7om%2BUvK7Yhk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa42c6bb4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215
104.21.86.10200 OK 34 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (32077)
Hash bcf328167425e857c585773a83f0a9f1
5bf83602f9bb9607edba90a4564c8aa81e09c291
994b0b39c149e2a731357570951341f99d2f50cb1c7e1588e8ff30b665d4136e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-17b8b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksgTUk2I33ktIO%2BmgpvEbVcUK205VEHJTSHY2MFlv6ulQPqLSPSsOxtsbacLw5C1p6CMql%2F9oQYzxqJ5CZFXIqgpv1QlMbanOjr0D3gqA1rWE%2FvPJhvuaBip%2FmDzxogLuVZLgYc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa42c85b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-migrate.min.js?ver=20151215
104.21.86.10200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-migrate.min.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
GET /wp-content/themes/casino-theme/js/jquery-migrate.min.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgKNMLLWgKMh78CgUKDd9YXra%2B%2BcVK1nUzRaqEJE3EkmKaFFRDBXE5cocevppCGRXrGZHRJOweP4HigXl6eWEE9Xy9p90XOdf4lvGZKPOyLihZGs8SRdiOROE6dGTmMa%2BN5uTLU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa42c6c0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/caption.js?ver=20151215
104.21.86.10200 OK 334 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/caption.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (413)
Hash 67dcbc30fcfad1892362b21170522298
3ff742e04689a2cad78f844f1b76d457bdb72ca5
81c52b778cf87c87d1569c8fc4229d226eaab8e86833d315ec48b48be074fba1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/caption.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1eb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxpJWSYH5rjPqe6s4GKS4kLGHfGx%2BJLANhfEqOdR4Mku8tXW2vJMNWXeVGxMx8suAJlHxdXc9IwcHaQFQw0V84kMAz0eFqeVTYlFOkeCfqBNhCCKKEM79CgfJ5Nm4jdHBd6UHyk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa42c74b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 404 Not Found
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJvo3R6ku%2BOrgAkea7F2a8gsLvHwu6J0BERseacvdviEcROTvpGatkDwg70n930kDmaSInfougvBxJbeYKVMBhJRt4kM1LIdKP9kP%2BKOBfLed4d5AUid%2F%2Bmo0jeCPWASt3JCHko%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa369dd1c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-core.js?ver=20151215
104.21.86.10200 OK 27 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-core.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (785)
Hash 4c23651950610db3ab0eebcf75eafe08
78bc489136a6d10bfbf2e2a17ede591d5049ab95
51e3113569751f8acb6086c37fe8af13e9779e0538912531daed843f895e5dc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/mootools-core.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-147b5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLvzZtlD83eFKszFK%2FPWZ9846OP77be%2BoCVl7W%2Ff4eGJDiydXNk%2BrNs7fum2oiu3%2BCgbaS099kMfT2JBtlFgW8ExHgPP39VokUpUSUEEPgWKp01JNfyvtcq66d3ujKcV7WamzRE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa43c8eb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/core.js?ver=20151215
104.21.86.10200 OK 3.1 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/core.js?ver=20151215
IP 104.21.86.10:0
File type Unicode text, UTF-8 text, with very long lines (7693), with no line terminators
Hash 645f05a74c3c52b4f27a5b44c794fa18
aef324d8d1e2faae36686e6dbb12bcfd080c90de
186313e5cf49316a4816403a527482e2063027ab8711b2f7e77ee5d4c4ab83b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/core.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1e12"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmPEvp5ndDgnDvVjTrIPP%2F%2F0zt8iGHQ7K3Hhy9XmF%2B%2Bu%2FCHzLqlWrlX4F5VDczGtmIAf3oBjnjkpWxtvJEnuFneuSLtfUIFImYvtERjHz8wbVoD6pTNafn3QzoxEJRUKKE1mx8E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa43c730b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215
104.21.86.10200 OK 387 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215
IP 104.21.86.10:0
Hash 5b2eeac89cca9a738e26f2c45ca3b316
d3656cfa2054381a5c75c1edef82c379d48a46bb
400e83ee529ee06858a97b364dd9d9db8a65febfafab9334c602dc37cefdc016
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-397"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UH2nCTk3%2F6ntxYQ5m6cSw0E%2BawRKPVO5GWXAOBgVH3ayjhviqRiyBeRpCNn8plRm%2BmqPSOIz6WoibEFpc4wHAOkB2jjxv2GB8dzNaa8VAuBlibIemTZagXtZyaCjerT3ndBYAqA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa44a161c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215
104.21.86.10200 OK 187 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215
IP 104.21.86.10:0
Hash 2b2ecc6023c34d28dcf10a7b57cdf412
b5dcb37a2e705625537c8b2c62cd2ad96114fe5d
c95d89cd5045462341bd479951e46f511bc198a007e1c3c2f701d3da9d754e7e
GET /wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-ff"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWwLk1UYnWPPFPoooGT%2Bv%2B2MO4JDR90EnltMfmrr16uGqLJA6Lr9uQaAdGW7hKppJEU8xLTgMPDIDrPy7pzTSeaJoKD78kUic%2F%2ByhZUaMCZ%2F64bXep4QdFavF%2FpYcOV4vN5eSwE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa44c760b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/chart.js?ver=20151215
104.21.86.10200 OK 4.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/chart.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (536)
Hash 76ee9e365261a3cf2b0fd565d601b8ef
822164a3fb51ffb55a5c3356f1a79a29df58a600
264d38df92f6e62b140f92c260ac96af2e210429c40d7b19971313cfccd77af2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/chart.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-4d31"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sEOKhdAwdimIJPD6jzCptaY49Nb6U895vbTTwhlkqloy8nwFxpDcS7Plc%2F%2BxobTp2iEzWaT%2Fp0RBv0Gb%2FvApaw1TPdDcJbUF41GyhTGXVcL%2Fm3Wd4ZIDCpg55rUmSo9KAjPKzs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa44c9eb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215
104.21.86.10200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215
IP 104.21.86.10:0
File type HTML document, ASCII text
Hash 6c68a1ba6ceff473fc314ec07549d028
f242990a422188eddb1b50788f9dfc440001d4d8
fbb5edd301249c053007eadc8e1baf934937b273438beb9fe123984e4688499a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-bc7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LZuUBaRdo9GXgJIJ7gEQdUqjj5%2FK1KTInjF%2FK1es5AlxrNNnmL%2BDRfJNOI6ewlVyceF5RezK0Ls2P8WosZHqGwoQdYadbI%2FYlvsb5dAU7DdxSp1l8VI7FhYeBQDBS5Rd%2FpRLnU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa45cbdb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215
104.21.86.10200 OK 1.7 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215
IP 104.21.86.10:0
File type HTML document text\012- HTML document, ASCII text
Hash 5da0e9224ce987bb2cd10033c191e565
1c60cc73f9cde5503fd2823b47f55bccdd4a2a59
f4742f7e683472498056b4b5aef824a8992b398b82ef5dd8f6fd07e7e423319f
GET /wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1244"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdR89aH2KjoKfezmRsR5P32m%2BB5Sqs8kZYObCKG9IeVp68Xi0mTmK5qitFFD%2BSGK7DjNcPYIUe6ZZycOuZvfe1DMHa5JKHafwajn2oVWNPItAlGBOPdJiRyLn6URhHs3wPjhYJA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa45c7b0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/browser-engines.js?ver=20151215
104.21.86.10200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/browser-engines.js?ver=20151215
IP 104.21.86.10:0
Hash cfc860ea4db28072a31107b1209fe911
97f3a367aaf72d84a83600996efefeb0d3cb849a
6be53b71dbaa24897dc595a018bf5287257cdcd4a559c44b8a8af6d7d9842369
GET /wp-content/themes/casino-theme/js/browser-engines.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-e10"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLarL02svhGbXpxD4rzcdrxXDeXX3P%2BBZ8eQHJuEwE0EAuTU%2B6NALIBt8bq9CQoROli1E%2BQ%2BlTEYL6diU4tXckuttF0S9tlLuqe4t8rFQCgO5pkROJfKeilwMEZcLPut%2FjROBVo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa45a191c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215
104.21.86.10200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (324)
Hash 7adda2b653b829227d343abe1311494c
ff506aca52274fca851f381bd2a2386fd40da4de
2c43bcafef1aee5b49d272f9fe89b0c2c423748e3c3e2f9469d6c7ce64ad9187
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-c12"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DvZNQe0cIvFY55ujEVfgBu%2BJrKlvgjHggRXj83IdABVWfzafGP5QpuJfx5JeTVUUZ1cx1PxMZzf5AeE1i82e%2FoDVw7%2FM%2FVaWToKCvcUVtZHfDDMxqcz7G9ekC81Ml2ze00dCsY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa4ccbbb4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107
104.21.86.10200 OK 548 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107
IP 104.21.86.10:0
File type ASCII text, with very long lines (1087)
Hash 72091825ef7903704f9a7eaa0cc1f657
c89609424b128d042711f6a056d6b3b657dccc52
08c73ef9e50d21576593c091ee035966ba02ca5232d71fed2bb5d644cf3a4275
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:34 GMT
ETag: W/"5c125162-465"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FukjunR7h30JDwnR%2B00nsQVHRxseuVNvQGDk6PQbCLzyhCJ01b6wErfBA3rCkKL2HFrDydwyj18pHlwb2VQqtr4C5e8dR%2Fbz5AYh%2FTIA2F%2Fh45WFhZaMdgdPxeYIpee%2BNT%2F4Hs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa4dcc2b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215
104.21.86.10200 OK 6.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215
IP 104.21.86.10:0
Hash f3a8d2cf6a5f3c5c972830ad06462b06
04b63feeaf2840606fc82d86f48596b8733d8bba
8ff52ba129497b1cc4827635f0c2576b8af2610d08fb296faf2524cd1492d415
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-8521"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCFD%2Bgd%2BJfEb2ia%2FF%2Bma2SD3HNcexYS9tQO530gfx90ZtZwXC5be8Y3OzA9S6P5LCPGjcp%2BqqFIPfQYBQNDpHwf58aJ5%2FrG3UvweouSvgsZPbFEy90TCCubuaryzxfQ%2B2lGNdmU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa4dcebb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
104.21.86.10200 OK 5.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
IP 104.21.86.10:0
File type ASCII text, with very long lines (12815)
Hash 856be0bcf6f83bda23869b9d928070f9
78ec42aedab08604ab3f9d8a5f604756f160cca2
8b9fa2f42ec45e87a0c573c35583a1f17e99c7558651576a09fe82b0d38eae05
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:03 GMT
ETag: W/"5c12517f-346c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fdA%2BrIvL05Mn5fsYDHzGhVlRngQeLHtcOjhGwpzyfnuWQxHhTT7oqCL8PZ6e%2BEkjyeCDpR2pZZud6a4Jnciv5kSa1rV2SgF2p4dnSJFoi6SNSBiZ0X73dFyb8MZJZB2sAzuS7s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa4dca00b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/wp-embed.min.js?ver=4.9.8
104.21.86.10200 OK 756 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/wp-embed.min.js?ver=4.9.8
IP 104.21.86.10:0
File type ASCII text, with very long lines (1398), with no line terminators
Hash 77ce65aa27658b26944312e742e1d204
952f595220a39db2f6c8e65c648fa6b1ecf92024
277851a5b1d095133da0244edd6952c2f6fe5ec1b25633812001abb796681616
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:17 GMT
ETag: W/"5c12518d-576"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epYZoTRVrSp%2FUQP0OQnHxJLxNGYWkMlj%2BEdfY9zIxWHwf8uyOGOEujMrVUIQkWqgTMGd6wOdleTy4PiGrXpWAdiMrYHf1MWBjTf2oq82uSiSdD%2FihM9oPZjuOWranrUbRm7SyeE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa51a381c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/20.jpg
104.21.86.10200 OK 14 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/20.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 6862c45fcda952f87186d1f3d2554cda
bd49e366c30b91c43fb21b9ecc22931bef10cd87
8c5e9ccc26edf1e73532bc52ef16b4a5913432cc2e21582e1d2f4ecc46d63376
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/20.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/jpeg
Content-Length: 13883
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-363b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94677
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ao9p%2Fx%2FjvLokbZJ5Z%2F7%2FP7gB5q%2BCFpiSwq8bD%2FV8Uvsbt5SodZ60eSSTVcoLCxKO9J2Y31Mq2GdX6XEE8WYREDvvz5Srs8p1O5XVpEvM1W5Wq1PAFpOZ0xBDFHzaMc8ntduff%2Bg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa54d1ab4f7-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/22.jpg
104.21.86.10200 OK 582 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/22.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 491f4828633beaa3c3e80842f5614d31
006a1a34b0369666bb2a39abf38d1d3299a00b2c
bb5440351a19c48c580ca2d6583e9458437f8fdc04add4702a01e33a900cf93c
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/22.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/jpeg
Content-Length: 582
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-246"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94677
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBFA6VcxQIzQl4stkYbGoZ0Icn2pUT5%2FeRmtrzHqhJWRGmTUIACBQ8J%2BArVoBKDsC5WN0SuIluI4LMr0y9ntID6ftfzoQbZQa1%2FbcalgYQ5b0M4inZHubr6ltjvqAkH%2FNzjvlbg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa54cb50b31-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/3.jpg
104.21.86.10200 OK 1.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/3.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 1e196375ebc7ccbfb4c47aeb3734c109
1bfd1466ce267bf0bccc357fdd9e0d3a315c6532
1b7185720d91ae5783fe3b1825bda551f4358b223fc086d19cc1c8f98bd9dd50
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/3.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/jpeg
Content-Length: 1027
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-403"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn2Xr7BASTFfSuo925XFj9X2cplQ%2BsOzYbaLQox7XgY6905h12KCm%2BcORZATc1HoFFB7R%2F8rEYd4GtKUVE4WVZyH%2F6qrdLEAS8TSP1L777QZrtEV6jyYkvns8qeOZvCME7ZJf%2BI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa54a451c12-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png
104.21.86.10200 OK 20 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png
IP 104.21.86.10:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 93551a3aa448b291fb298c65875cb86e
b215ea724beb57ed1d73290d86189a384878a629
becc186aefcbbc15ac415d868dedfb684539a2e97deb52fcf6aa932833d52185
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/png
Content-Length: 20026
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:37 GMT
ETag: "5c125165-4e3a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc0K4aRwpjeR1bqHs65C3obNJI5aCm0Yocl6ush6CM%2BCctAExzlRVYCrWF8f7oTfL1wlHQsKBpHqu22CPLxeFFbCLYaMStJOtBvV%2BXcyi9XEyJV%2BDgVGOTQACmM6gvCMQshvQwE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa59a521c12-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
104.21.86.10200 OK 4.4 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
IP 104.21.86.10:0
File type ASCII text, with very long lines (9118)
Hash 753d9a1cd7cc47e65c8b7c21543b1616
c4d57275c339b3b8df1d24124bd10d0926b5575f
8a04b00f98848434b8139a8cede0c5bb33334ea3be64ddd3bfae16977b396a6d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:18 GMT
ETag: W/"5c12518e-2efa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HahSY636ZCQ2K9WmXfEC2MynGKUPbWTXjvL3kCq9qCMzzkDEQxcOHQndWnw3lnVpNZa5yMN%2FD7sInKsJN4XYSEra0VBrztfmFg5ruwWyoaqHo%2FsJvzWt45jbUNv%2FgNSW858h8%2Fk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa5aa551c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 404 Not Found
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZie8nm9FBpgKOsc9CKJhb4KLZMGLM6oYTmT%2FjTTaKmPjpS7%2FVBBZOndR%2B4m3ALHob7GXJKow0bAQCxFJMB6ofg2fJeRXrbgRqfIVwBrJfTQtRozZCPnvxqWjgn%2B7UIY9xaljEA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa5ba591c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 404 Not Found
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAU5OjJOfKGA6C2%2FJ7ikSEDD3KNGYYxjA2ux%2FqRDG%2Fhv1DuL770f1wob3Qoz8zEtiuO%2BPypXgw%2B4iFqNgyHdT458JWjh9%2B5g%2B7fPsoo%2F1ONXqIwWYirXeWc10ZKzZNZFIeApCww%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa5ba5a1c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/4.jpg
104.21.86.10200 OK 5.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/4.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 8a577ce177521a9ba3186b40395e109b
17b18daf28bae4d324f4ad0d1dbae36d91a57a98
80d803be85b451bab0a6ea8aa227de695f973fd582ff15efb1cff4930df375bb
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/4.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/jpeg
Content-Length: 5519
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-158f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 9796
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNPTtEVEoueBoBe%2B7Wi5BW9zoN1POCL2t7QXSDFx2UKVeG6O5eSyBK2iQvpLr%2FCFMXQHePj7KNp9Je0C2kJuSSm8fE5hrrONPSoWhbMQJGR6hjBjXv%2BIzhORefH0oyzdKsgD4DM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa5ca5e1c12-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png
104.21.86.10200 OK 15 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png
IP 104.21.86.10:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 464b73a2f6a9663f96380be90087ee51
8e2c879dd21aaf4a9237168483ecd4f229fcdeec
1ed3a52831e8816fe8a7af982270c84b8f2fcd24b2b05991a2ef8997e4409baf
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/png
Content-Length: 15070
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:36 GMT
ETag: "5c125164-3ade"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94677
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tc4XGdRAfqc%2B8cRyhiS2imRa7Y92OWX32E9ZbwYmSK1OeHpnpgyJeccwqplJKrh%2Fli0WB9SdJK3UJDRD5g70tVjeG5gdaeKMRIQDsfQGu2L5wSpvvuczjOzs0gh0UolNOAaSeKk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa5da601c12-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/uploads/nomera/belyj.png
104.21.86.10200 OK 12 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/uploads/nomera/belyj.png
IP 104.21.86.10:0
File type PNG image data, 300 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash c7ab9f734a62dcdd05915b9c6efcb651
bd03a65c70bc1ed2912a4b32c6d7b632601ed508
c5a4422379aeaae1188613e1fe0c9743f944e099847f7a47a0f2bf893ec66585
GET /wp-content/uploads/nomera/belyj.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/png
Content-Length: 11685
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 19:48:14 GMT
ETag: "631f8cfe-2da5"
X-Cache-Skip: 000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuRxHfGG0TOyPf9MsfN24zdBLQ2logdu%2B1yq9hLY6cykST4jXnnk%2FllrjhUEO%2Fzux7%2FU3adf%2FnzNRmmNGItrkG5Gd2wIO%2FjukXTzvpzsCfssrOCi1f6cW6e7TSoylj9pDKWURCM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa56d21b4f7-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/27.jpg
104.21.86.10200 OK 4.9 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/27.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 231a258b9fbad6aad7e9e62174d47d81
3b9dbd8f2d318e618214a64a20f9ccfaf2857be3
4c3c7cc821c704381ff95b438cb9999c413fff9e346e98f80396e59055191f47
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/27.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/jpeg
Content-Length: 4911
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-132f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYBqdQdrSP3nCq1s8ZVbWB%2Bw4opSrRQf%2BnSzRw3%2Bip5l7cEcJ0ZyjBOyy3M5gfmjAqK3Y9%2FHKnACsaGafxI58EXC%2BWT9ua6%2FGh8SaM57tyjA2c1zONuTmz9Krxnb79azTyEAeyE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa56cbb0b31-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/5.jpg
104.21.86.10200 OK 7.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/5.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 6ffe430d51d22e42c1c60bb54257890a
65176df4d28ff4662f75b209d2a5e2b2a7bf709a
50a64f26cfaf466f92fad11b097701d16aa3e1aff6e3b6488e2ee268129719e4
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/5.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/jpeg
Content-Length: 7346
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-1cb2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94677
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbMxTDl%2FjfF1GUeKvY%2FHYtZu%2B1xo58lEiPXO5S9RQHhEw5au51XVfZe%2FC6%2B0epvK4HgQ9cZYeSA%2FHjBqTVYJwTV%2Fj1bWWNDGtkM9UPkL2MR9yc16kh8j9gRqisfu0VtfRtPAPm8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa61d58b4f7-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png
104.21.86.10200 OK 18 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png
IP 104.21.86.10:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 8413bf6f1dd2223f3be09256f755c682
2f99d0744f451d7d631fff57510c99ef5a0cfd15
bf75418f7c7e4e45ba7c9ef9e2f0ae766660e4290022bbd91ca89116a8111bc7
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/png
Content-Length: 18310
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:36 GMT
ETag: "5c125164-4786"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94677
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcmHAHq1su5Rv8TMb8UEt1gJfa2DzV8%2BEdhW2UzpEQ%2F%2BlMa%2FbtcrjY2hhkZ5oa9w%2BLqCFwpft3mzY7zkFgG3MW%2FvlrFFUavhbJeppB2YSz4JM7ewQ5Qi7MGPFxWLvO5loz90uGI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa61ce50b31-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/19.jpg
104.21.86.10200 OK 1.9 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/19.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 9073c329e42c459c8c0f16a11d0b133f
8b2f7d0e084b311e55595831d6d96735f3497948
971db99a0de97e13c1544dc4d0185eb22f5256051d91cf70ad6930b896e86105
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/19.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/jpeg
Content-Length: 1909
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-775"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 9797
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3n7AwaJ6wvgwsD5k%2B6T1oYxFOyTRED1pkGWejNypwDgAFqx%2FWVc5FbiX5Z294Rh5MhFlO86wpNml9OeZz9n70LAT%2BKoBcXFah1uVU7na9roNK8tEQzF0pCAFLThUK3QnFZs2GY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa61a7ab521-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/17.jpg
104.21.86.10200 OK 17 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/17.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash a20dff5090471c85d6257543fc617901
132061a805fea75cb18783d0b0df68770d0550c0
e857b935368f2912f670bee1b76aa9232a97a1f0b76af6427960ba49213ff746
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/17.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/jpeg
Content-Length: 17223
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-4347"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sujQr5JAEcSN%2BVISl36J7Kb95S%2FEc3Mj5gJOF0%2B%2B7NpMJbrvBEOamFcMLsJpY%2Fn9RjClziwX%2FGSrt1IfjQL07Js0ntH6nW4Kkbo83QsjsWf2kbqPmnIMvYmpmpH4%2Fw52mxUnpzE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa54cf7b4f1-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 53dc3bccd020b1c787b61c3fcba37530
af37967c171f952ee6df39a93e619e03d8ab6578
3b00900f46fa91ce560e670ab7a4f009e47d8118c02e9e6bc45cfd890f8a5eb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B00900F46FA91CE560E670AB7A4F009E47D8118C02E9E6BC45CFD890F8A5EB9"
Last-Modified: Tue, 08 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Wed, 09 Nov 2022 09:53:03 GMT
Date: Wed, 09 Nov 2022 03:53:54 GMT
Connection: keep-alive
kozbanov-lawyer.ru/wp-content/uploads/nomera/temnyj.png
104.21.86.10200 OK 11 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/uploads/nomera/temnyj.png
IP 104.21.86.10:0
File type PNG image data, 300 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash d1f737435cc723c3553584f055a12cdd
7755990090cace7bc9b060b8978f2d582294f531
4a36c501294130673ec66f93c7b153a225960ad42d91aeab997f023aa92d1037
GET /wp-content/uploads/nomera/temnyj.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/png
Content-Length: 10965
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 19:48:14 GMT
ETag: "631f8cfe-2ad5"
X-Cache-Skip: 000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpjT1Han8nKJhT599oJt2wyA6SC6A3SMG0%2F3XSJDg9%2BLFEX7Rv1Km02GuBbzRFxrsVdzZBjXzt%2B7vmZEKu0QE3t1jwTQA0oJ275xudMki1yKGx1i5PKTkBrn2pYDhgmU8Eik%2BbY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa5ea641c12-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firma-pravo.ru/wp-content/uploads/images/nasledovaniedenezhnixvkladovporyadokprav_600A9469.jpg
31.10.5.214200 OK 14 kB URL HTTP/1.1 firma-pravo.ru/wp-content/uploads/images/nasledovaniedenezhnixvkladovporyadokprav_600A9469.jpg
IP 31.10.5.214:0
ASN #207728 EUROHOSTER Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x225, components 3\012- data
Hash 323e5ba0f91906477f28e562ac692f65
90064d31e3268011726d8460bffafa1fc1f76479
88b4f20aa5c4c12588a9ba1de1d7c85ba2dc86a5b50213f2ac224e4170f0d7ca
GET /wp-content/uploads/images/nasledovaniedenezhnixvkladovporyadokprav_600A9469.jpg HTTP/1.1
Host: firma-pravo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: image/jpeg
Content-Length: 14117
Last-Modified: Thu, 24 May 2018 12:47:26 GMT
Connection: keep-alive
ETag: "5b06b45e-3725"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f0c1ba8782042e64d296c64158811a67
ae25bf491e6f7381e4eecfead2a61e95489c850f
eb70540a2e2a591edb02abefb7ba5e08d35fe532db6469c1df9e45e5c4bb9983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
Hash d9b122d7060d396c9461a65c1d3a4909
a4cd7cebe88fc48fe5912ec67a0a361e7a92a270
b4f4e302d2117a15e23444c431d205fb48ea1cf695452417bcb530bbc50a10a8
GET /css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 09 Nov 2022 03:53:54 GMT
date: Wed, 09 Nov 2022 03:53:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
172.217.21.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:27:53 GMT
expires: Thu, 02 Nov 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 548762
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 68a1934f41ca3ef6ff5f3b5af84abeda
42855b1bab2bd11be34d3c2d8a0d33d4272f8e1c
60dfec35a90fe5a6f1caa7b1d245460f3f1189f0440dce4ccf3329b27385c772
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
172.217.21.163200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 29928, version 1.0\012- data
Hash 609bea65e2bf8ee9b728a85a8f1b282c
a0d2fbcf012e6554fb8cb182994ec8eb744ab65d
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:39:28 GMT
expires: Thu, 02 Nov 2023 19:39:28 GMT
cache-control: public, max-age=31536000
age: 548067
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
172.217.21.163200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 28444, version 1.0\012- data
Hash e996a4db02cc36705ce700e4b5d06b3a
c5fa1dff68d7d83689f58bc498caea9041cf7b75
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
GET /s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:29:11 GMT
expires: Thu, 02 Nov 2023 19:29:11 GMT
cache-control: public, max-age=31536000
age: 548684
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
172.217.21.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:14:39 GMT
expires: Tue, 07 Nov 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 110356
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png
104.21.86.10200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png
IP 104.21.86.10:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 006849bd75bbbb96d5b1f5997bbeb52a
21ce90bf8bc0105fe13d635d5f9b8404d8759e82
56c87ee1e1a6878217897741f85a8048012b693a4cb6b03804a322d8fed02a88
GET /wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:55 GMT
Content-Type: image/png
Content-Length: 1286
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:34:48 GMT
ETag: "5c1251e8-506"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDvaf7CJc0ngrcjpuS28OOfLuVKmwH8XF9VjTYUCtLDXVTtVqB71dGg7%2FJLC3LiYCf4%2BXAULbKoQk9hJpFw658fBLzIyY5KImgJo%2B2r2%2FjkCcy8XDm3w0Ao0MPB6DUAAabeWwDo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa72a901c12-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
172.217.21.163200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 22:54:22 GMT
expires: Sat, 04 Nov 2023 22:54:22 GMT
cache-control: public, max-age=31536000
age: 363573
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d9c5707eff18c160f17c254203cbead
c602b7ceb6051a495328348e49acca8f9900acbf
173373cc60da9f58c01754b402a42a72e6a4e17b76219b80305eebe83d86b257
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "173373CC60DA9F58C01754B402A42A72E6A4E17B76219B80305EEBE83D86B257"
Last-Modified: Mon, 07 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17482
Expires: Wed, 09 Nov 2022 08:45:17 GMT
Date: Wed, 09 Nov 2022 03:53:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 68a1934f41ca3ef6ff5f3b5af84abeda
42855b1bab2bd11be34d3c2d8a0d33d4272f8e1c
60dfec35a90fe5a6f1caa7b1d245460f3f1189f0440dce4ccf3329b27385c772
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/CKriMmokOOE
142.250.74.46200 OK 28 kB URL HTTP/2 www.youtube.com/embed/CKriMmokOOE
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58557)
Hash 1e00138b5b14c56ff5ba3a1a4254074f
9b6414a4584dfcb379102f07938358fefdfba5d8
e6284ad269382111f60d022f50fff9e743f0fdaed14d2a7e8ad5e539c7e0329c
GET /embed/CKriMmokOOE HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Nov 2022 03:53:55 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=8YIOeEN9BTg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Nx9wqjKbKCU; Domain=.youtube.com; Expires=Mon, 08-May-2023 03:53:55 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+262; expires=Fri, 08-Nov-2024 03:53:55 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c4225c42/www-player.css
142.250.74.46200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/www-player.css
IP 142.250.74.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 37393b2e4e70f3fac5dfa2c993352c39
541dad400eda83451bf1806bc750f9f3354d5330
feabbcd01808e9c02f35851ed15aa5edd605a6e69c855229633360775bc21325
GET /s/player/c4225c42/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/oEfLpra_m7Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49779
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 17:52:16 GMT
expires: Tue, 07 Nov 2023 17:52:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/css
age: 122499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
172.217.21.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 314517
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js
142.250.74.46200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (679)
Hash 26abdee2f7fda61acfbceef73f936a78
58ddf48c21798f2dc309ba38d8432949be2f837b
8a340b331b69b7fff9df67bea03c42248219e5928cb5a662a58da0c4a0df0fd1
GET /s/player/c4225c42/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/oEfLpra_m7Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98145
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 17:52:19 GMT
expires: Tue, 07 Nov 2023 17:52:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 122496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
172.217.21.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:46:16 GMT
expires: Fri, 03 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 454059
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c4225c42/player_ias.vflset/en_US/base.js
142.250.74.46200 OK 589 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/player_ias.vflset/en_US/base.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (573)
Size 589 kB (588928 bytes)
Hash 3c61e04a6271d4bd4d300ac9a59cf528
0b10d7deda462da8d0d8da1743efdc86307b6081
e1ff4de147ece58d8999e47403beb0610e251b18635f18a356f3b0129998fa4d
GET /s/player/c4225c42/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/oEfLpra_m7Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 588928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 17:56:44 GMT
expires: Tue, 07 Nov 2023 17:56:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 122231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.46200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.46:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/oEfLpra_m7Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 17:52:19 GMT
expires: Tue, 07 Nov 2023 17:52:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 122496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 09 Nov 2022 03:44:46 GMT
cache-control: public,max-age=3600
age: 549
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0
104.21.86.10404 Not Found 42 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (20374), with CRLF, LF line terminators
Hash c55c14874fe6bbb8dca614dda7025061
d6ef205ebe109ac464c80ae535c3b59aad4d73b8
ad7d88a7adf5e0d67a84a5a783c789addee413daea3e1c2e7bd6e4d3d0e704e2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
HTTP/1.1 404 Not Found
Date: Wed, 09 Nov 2022 03:53:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
Link: <http://kozbanov-lawyer.ru/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Cjpn2XVNnIIzrBsfrEjYemd2WlajVT4X3JKX3m0LsmDiPrSGmV4z90zJP6sWrmQ%2B1p9mL1CEMAGH2vEbNeBeDJS3CZvxivdUR5fIzeRlpO48L49cF%2BOvbVaXObp%2Fbiue%2BRQVFI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa70da6b4f7-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1845
Cache-Control: max-age=107016
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 09:37:31 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
kozbanov-lawyer.ru/favicon.ico
104.21.86.10200 OK 1.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/favicon.ico
IP 104.21.86.10:0
File type MS Windows icon resource - 3 icons, 16x16, 16 colors, 16x16, 24 bits/pixel\012- data
Hash f2f1d96f7391d0ea847d0d356514bd4f
26a24c46bfaa5134934265af029bc47d23880379
92a9c2ca41b28538e0e0f90ba277d2f0a24d5406b275a59abbf1f430b7925b1c
GET /favicon.ico HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:55 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 19:53:44 GMT
ETag: W/"5c8d5448-92e"
Expires: Thu, 10 Nov 2022 01:10:38 GMT
Cache-Control: max-age=86400
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 9797
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYx0mQxITk1VBRsO5cckARM6vWsW7d1wBNF5QQqjCq1QqCRnuzB0bFfFrYC0wCMqXmFPPB6HLctqyw3kJNpob72Hs4TjurZq7QGgsM8b5T0WWIEtnqQ0zWLRI8mCj9QBEnmIDmE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa9cedeb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992;0.8992637327515671
88.212.201.204302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992;0.8992637327515671
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992;0.8992637327515671 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
HTTP/1.1 302 Moved Temporarily
Date: Wed, 09 Nov 2022 03:53:55 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992;0.8992637327515671
Content-Length: 32
Expires: Mon, 08 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 2de5d788107d74e7e6d2f2501864b8f0
eef070192fbd66f118532587b79a3adb3d6d1c7d
fedcf60d2a18119eafa8061cc8b40a96cbc2aa415358406cdacfb5948486396f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 13 Nov 2022 00:39:17 GMT
ETag: "eef070192fbd66f118532587b79a3adb3d6d1c7d"
Last-Modified: Wed, 09 Nov 2022 00:39:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 826
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aab9c590afa-OSL
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
104.21.86.10200 OK 14 kB URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
IP 104.21.86.10:0
Hash 23e17f167eaa8531f3856522fd804767
54095592e17bb4430708061de1a19d3d211ee8bd
df3de2ef1e432745a16b482fb71018a828e2782c04dab6fdefed5d7bb09892e7
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIW8dU42EwP0P%2FBn4CMKKpJPQeh5abqrNyxB9cpi8zdCCYV7xK3mgUKoWvMFzntzMhCcHe8WMXuMBiFuZWJ5HE0gt5BQ0YmIbbqxpZXIowF6x9%2BWlCaUkk96%2F1sPha9zp6HLBFw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76739aa3a97ab503-OSL
alt-svc: h2=":443"; ma=60
counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992;0.8992637327515671
88.212.201.204200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992;0.8992637327515671
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 43af276eefaf4f8c43f9d1205ed559b0
0f538bb412beae5e68af2a10e782e681b0fc3a45
49f818c3bf653b785505eb4582687ef1b6d2bd0a208b6c975bba742c768bb91b
GET /hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992;0.8992637327515671 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kozbanov-lawyer.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 09 Nov 2022 03:53:55 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Mon, 08 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3fd3a3910ff028a1b8a1f72bc93e91f5
9ac0351ab9a803e9647882880b4f56693fd769ed
d881fb422e3eaa5ec00a7f6aaed965ac8bd93b2e14970db59c37ee0ba66b0f80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 03:44:05 GMT
expires: Wed, 09 Nov 2022 03:59:05 GMT
cache-control: public, max-age=900
age: 590
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 09 Nov 2022 03:53:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 09 Nov 2022 03:53:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3fd3a3910ff028a1b8a1f72bc93e91f5
9ac0351ab9a803e9647882880b4f56693fd769ed
d881fb422e3eaa5ec00a7f6aaed965ac8bd93b2e14970db59c37ee0ba66b0f80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 09 Nov 2022 03:53:56 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 32dc16da622b0f6c38282fc7fc1e543a
a93023bc6dcd7c13a626096154e9314b9e4bae34
9039fafc8c33ee76e9fdf9ebc0abb123951acbb4010432571ff88c118c4cee64
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 09 Nov 2022 03:53:56 GMT
server: ESF
cache-control: private
content-length: 30779
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dee3039809fc2026852697eaa005560c
f4f6b76cf09e0a9e756ab6b9b8be26cb6e15b2c7
8091750102499bbd5d92ea3e89cf364e833df30e186963d67a0d66a13751ef8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (35974)
Hash 89da5756c3061bf086f28e85c062ea28
d46d62afb0048e31e65c624e26fc5620eb1e7fdd
7c5e7453571c65550671610b433b6a9ce831d3532c6c503539f8a060e5b264df
GET /js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14351
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 00:31:32 GMT
expires: Tue, 07 Nov 2023 00:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
age: 184944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
172.217.21.163200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 9832, version 1.0\012- data
Hash efe937997e08e15b056a3643e2734636
d02decbf472a0928b054cc8e4b13684539a913db
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 23:13:18 GMT
expires: Sat, 04 Nov 2023 23:13:18 GMT
cache-control: public, max-age=31536000
age: 362438
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 558 B IP 142.250.74.35:0
Hash 022d23a98808f816c62e859f4d3b1184
8a60b85907935e4d30edcd85e3cb19b246f582eb
89c4c4a7aad28d903f2dff3e0110d6ca45c46d8614c23f04f0f0479c9b47583c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9eaf4a36a10a59336720b51cecee86f0
89d59101afb96f13462e0592bafe79e13530a970
c49e14b8bcf382fcb2311c7056ac7a279f1b5cbe0b29129ec7d9868901b876f4
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 09 Nov 2022 03:53:56 GMT
server: ESF
cache-control: private
content-length: 30717
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/oEfLpra_m7Q/sddefault.webp
142.250.74.22200 OK 24 kB URL HTTP/2 i.ytimg.com/vi_webp/oEfLpra_m7Q/sddefault.webp
IP 142.250.74.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75af540d729ae7c2a3792c2778fab125
a1ec3be9d3c708f9468ab6e91725a77e763e8991
4dd1e22acf3ac307f669c93e4cc3b365a1ecdde72ec435ab17f1b13b5ce58d9f
GET /vi_webp/oEfLpra_m7Q/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 24498
date: Wed, 09 Nov 2022 03:53:56 GMT
expires: Wed, 09 Nov 2022 05:53:56 GMT
cache-control: public, max-age=7200
etag: "1578944820"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dacb6df08b90bf743c8171b474c45ab0
1efade0f09bdc50845ad9fef25bb818c136aa87b
db06ebe5ca7ec61c2a8304751e119d159cac6a5237f01f88b6c4452642e168d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-OobYdRvZFHGSiaiUNE6X3Jf3fTAFiG0M2NYzCpg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.4 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-OobYdRvZFHGSiaiUNE6X3Jf3fTAFiG0M2NYzCpg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 0be863e66a3115b60760ba68f72a5f2c
84133b2bf8f69741d613fbb05d24037fe64a58e6
05bc758d185ff7b9eb5c82e575212b3209eac83936a07821a2734ad09936e2df
GET /ytc/AMLnZu-OobYdRvZFHGSiaiUNE6X3Jf3fTAFiG0M2NYzCpg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2398
x-xss-protection: 0
date: Wed, 09 Nov 2022 02:43:47 GMT
expires: Sun, 06 Nov 2022 15:06:30 GMT
cache-control: public, max-age=86400, no-transform
age: 4209
etag: "v741"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/CKriMmokOOE/sddefault.jpg
142.250.74.22200 OK 33 kB URL HTTP/2 i.ytimg.com/vi/CKriMmokOOE/sddefault.jpg
IP 142.250.74.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash b187c564ffeb3ff5f3317129ebec7281
68a281518fbb638fe2c7d69be23fa419f6f01fd1
617baed9ff1ef1656d62c7e3667d59770af76aa11ae57029f55c6c6359a13540
GET /vi/CKriMmokOOE/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 32978
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 03:53:56 GMT
expires: Wed, 09 Nov 2022 05:53:56 GMT
cache-control: public, max-age=7200
etag: "1406706749"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu8yAI9ZeTAI3uqSPUoXQ5BsnAOrZy_Rk1c7nSRq=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 5.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8yAI9ZeTAI3uqSPUoXQ5BsnAOrZy_Rk1c7nSRq=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 60fd2fbbcff29909215af561e34173a2
ff65d09b600efe26a9c1cdca9e7a2f6531fc61c8
957374a0b579171539ad6443acc0ec03c279866d1e9ad3f75014b00e5a336b74
GET /ytc/AMLnZu8yAI9ZeTAI3uqSPUoXQ5BsnAOrZy_Rk1c7nSRq=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4952
x-xss-protection: 0
date: Wed, 09 Nov 2022 03:53:56 GMT
expires: Sun, 06 Nov 2022 04:35:01 GMT
cache-control: public, max-age=86400, no-transform
etag: "v38"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash bd3760d9339775c0c008b9aabd061307
9c6ad5c360d754a3a1c3353e9eade7df9a833be6
10d68b4291d9f1d068e10d8afc46073aa5921bd68d517c7bddbcf13638a0aa88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dacb6df08b90bf743c8171b474c45ab0
1efade0f09bdc50845ad9fef25bb818c136aa87b
db06ebe5ca7ec61c2a8304751e119d159cac6a5237f01f88b6c4452642e168d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:53:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0
104.21.86.10404 Not Found 6.9 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0
IP 104.21.86.10:0
Hash f2f201b9903cdd40b1ee01a246beab2c
8faac87e3ffbcb85c78afc3711d5638b944027bd
540444826ac8d42c70d528d8bf27d79032ae17434a9c3e76fe8d0d48c0cf07df
GET /wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
HTTP/1.1 404 Not Found
Date: Wed, 09 Nov 2022 03:53:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
Link: <http://kozbanov-lawyer.ru/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtCXGA28AhTrEUIjDHmbkUpa2ca26rv4k4r4vR72H6z7M%2FTfJqw3TDfPw7t%2F3afyPCPKaPhrnbBhz0FV7B9eNCs3Eh0d2pHWGA6Vk07r2pEXnnEcd3zPAvJhMlLyt%2FE2q9kFptg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aaa5f2ab4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 09 Nov 2022 03:53:56 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8c3f390c2525d7293e1ad9eeec41ffd6
cb7b92cb1dd269742d7e7cb030e702ba095faad0
e690d96244e6c630b153aac3eb894fef19e015df4ba97c39de3090bcdbc5765d
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 931
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 09 Nov 2022 03:53:56 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5cc97566fb7f40930febe83a004b9c92
efa8990907050aa62f3d3eaa697fe8b75a795718
03dddbb4a1e21faf57a2a6cd80fae55cffdbad94d6191795aff3af8529247deb
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1176
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 09 Nov 2022 03:53:56 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 03:53:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 03:53:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 03:53:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 03:53:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 547f07effeda1f7041b06fa3f10f90bf
d453f8017ebbbb8362f745a15c95acbddf55ac26
c4c4063cae55e4e2192ab2ac98543f4495a81879b8001fd2efb7989ca6eddba9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2808
x-amzn-requestid: 47475ac7-05a1-484f-ab46-c44c804b152d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTSsUHrdIAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acb1b-10cd67f67a61ddba16769db9;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:33:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UwYDSFfv9pZsgYa2vnFmsQSqaMWZI1XmeVog35jJMrpxM67nMFI6QQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:27 GMT
etag: "d453f8017ebbbb8362f745a15c95acbddf55ac26"
content-type: image/jpeg
age: 21090
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da90dc6a5f2fc0c07e1e3d7ac0f1a67c
131acddbc0fefa19de876f5254d21370691b4653
60a17b9d4f66a571b54b17bcdd5ae19942bd8540569663611a3a64c07734417c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7108
x-amzn-requestid: bf8302ba-8138-4b4a-8821-fe1c1d1864fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMYDHEoFoAMFqVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636806e0-7b5856224000122233ad81ea;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 19:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4BaZ-LMJyYy_6UTMKjwjUulT4nAc0pxyJvmTmsy-M_WGXw9doIO0Vg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:03:36 GMT
age: 21021
etag: "131acddbc0fefa19de876f5254d21370691b4653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb3fe96fee7d9da0905d9d565b44fc32
c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee
2b602aa92c61c060a0cfa9b13a7bbbcb65388b91559702c4d509bf199cf30bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12796
x-amzn-requestid: 31108e5a-3c69-4b62-99ea-1816df71a2aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuDcEzooAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675d49-708c32857b683c5a39046202;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hRbYl8z9BgnFvtV-7f14N5JoCSebFBrKB7-seyEJAFPN628ccXDjLw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 07:43:06 GMT
age: 72651
etag: "c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b4ae74d6a926ef85ce993a33f7d8a3f
9ce8d453c5ab8f7682e5ee3641a37b1abe1a8857
61b2fea439945e122a8502ab05e6c68bc1b3a9d8c639344ef5b04dfcc6889a65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2766
x-amzn-requestid: 934d6215-528a-4e78-bc46-3b0838d94671
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3d2HMGIAMF7Gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2be-0c11c2fb6ebc48eb1f0a3aef;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OMbpNCSxrKRiI5pF-AOJuTpFYdCHl00zMOLWxyXZAqWxnq3FJPsSaA==
via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:36:18 GMT
age: 65859
etag: "9ce8d453c5ab8f7682e5ee3641a37b1abe1a8857"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 77156
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b52a8b78f7273b02455e93107edb9633
7a09033d8e92af7e492e5ec41d6d90c473b848f6
b239606b1c37e680536a899808e845ccf270b1eadec03476e0cbfdf9911c149b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d4ddd67-c616-4121-a20d-93a46ca683a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7620
x-amzn-requestid: 4938029b-6e40-4549-8404-63ca28e79961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTU_WEQgIAMFU2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acec8-2bda1b015e94c4127df2b052;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:48:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-7W40j1csZhuoQvk_awKDRBjxJukydzyRVHvJNBSBx-AqYJQrUYGg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:26 GMT
age: 21091
etag: "7a09033d8e92af7e492e5ec41d6d90c473b848f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
104.21.86.10200 OK 0 B URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
IP 104.21.86.10:0
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 110
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTTFUr2EXbct%2FBDJZAx13OMyXVMqOumxqg49C3IhA%2B2J4OT3xUhr9Gmf2AnLLee%2Bj0sRM4eHK%2BREYzpiz8cm5xWQNujD26mlU19OIU9yG6WiNAznOFAud7htwTrTeTG8D4gFdhU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76739aa3a98fb51d-OSL
alt-svc: h2=":443"; ma=60
partnerforce.ru/widget/law/v4/js/loader.min.js
104.21.16.253200 OK 0 B URL HTTP/2 partnerforce.ru/widget/law/v4/js/loader.min.js
IP 104.21.16.253:0
GET /widget/law/v4/js/loader.min.js HTTP/1.1
Host: partnerforce.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:53:55 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 16:48:18 GMT
etag: W/"5ef383d2-f6a9"
x-cache-skip: 100
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqqjFMRpG3HLaHgsuEwqKNy%2Ba81DoHj9PYHfhnqM25QePGHHCHv%2B5zUYiUmoRYkYZL9lf54256a8k5%2Be8t%2FwH52rwTfIAb0dsk75GP2e8iYZ6aYsJPNf3kqvZE3lbyJgspM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76739aa7591b1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215
104.21.86.10200 OK 0 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215
IP 104.21.86.10:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/porjadok-nasledovanija-denezhnyh-vkladov-51992
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-39d19"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 94678
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3EglI5ccxcVQ7cSMTOv4ymZTD7ugt9bq2nFZBm0XsqUlqQYiuj4X49M6M1le7lEoz%2BSeBI3u7whap3%2BB7355Pls%2B4ND1eVKH1mK7zSjrLPMd18LyrktxUgf%2BM0PZzYYFMp23QQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76739aa43c7eb4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.youtube.com/embed/oEfLpra_m7Q
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/embed/oEfLpra_m7Q
IP 142.250.74.46:0
GET /embed/oEfLpra_m7Q HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Nov 2022 03:53:55 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=WzSyr49fQtk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=8aEMZ_MQR54; Domain=.youtube.com; Expires=Mon, 08-May-2023 03:53:55 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+882; expires=Fri, 08-Nov-2024 03:53:55 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&subset=cyrillic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&subset=cyrillic
IP 142.250.74.10:0
GET /css?family=Oswald:300,400,500,600,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 09 Nov 2022 03:53:54 GMT
date: Wed, 09 Nov 2022 03:53:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2