r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13302
Expires: Fri, 11 Nov 2022 22:27:32 GMT
Date: Fri, 11 Nov 2022 18:45:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1828
Cache-Control: max-age=144965
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:50 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 11:01:55 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2208
Expires: Fri, 11 Nov 2022 19:22:38 GMT
Date: Fri, 11 Nov 2022 18:45:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 11 Nov 2022 18:44:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 106
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7d1f8ZycjGDO1tVIXG8btyaJXz2H/K+lNRkgYONQYi5a76DKZpb19/UBXDqwovDdFgsMjAvtz30=
x-amz-request-id: TJ1NSCTWYYZXTZ0K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 11 Nov 2022 18:12:40 GMT
age: 1990
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 18:45:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 11 Nov 2022 18:44:48 GMT
cache-control: public,max-age=3600
age: 63
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3269
Cache-Control: max-age=141330
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:51 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:01:21 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
f0711495.xsph.ru/
141.8.192.165200 OK 19 kB IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash f83abecccf49fba0b178f407d069ecbf
f80b257cb32dd0eda71ff99b88206261787cc19b
fd3a2681740ecd930ef908dbc8e60b383e8a27b1c6cac2039e49465c09c6d2d2
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Pingback: http://f0711495.xsph.ru/xmlrpc.php
X-LiteSpeed-Tag: c1c_HTTP.200
Link: <http://f0711495.xsph.ru/wp-json/>; rel="https://api.w.org/", <http://f0711495.xsph.ru/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <http://f0711495.xsph.ru/>; rel=shortlink
Content-Encoding: gzip
push.services.mozilla.com/
35.160.51.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.51.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /jbz0z0FN/u/+dVp2Wg0uQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 07ZgTrWFp+02+rhcCIGnaml/jn0=
f0711495.xsph.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
141.8.192.165200 OK 14 kB URL HTTP/1.1 f0711495.xsph.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (43771)
Hash 1047dd6779111ec73736abd71a40fef9
e08643922ce9a1a488f2a72c0341807f59f7528e
d85287eacda4e97356cf1b53ec765e34c8913558d6fb485b334debf78c89a3bf
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 02:51:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315644e-15b64"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/uploads/elementor/css/post-6.css?ver=1665450082
141.8.192.165200 OK 536 B URL HTTP/1.1 f0711495.xsph.ru/wp-content/uploads/elementor/css/post-6.css?ver=1665450082
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (1640), with no line terminators
Hash f5d81ac8ac94360ee24b7d76ba26b447
58d5a8f534e57144142ce2426e4a9c50ccc10a04
60afcbedea78f726eba60b1c256af48fd9ea5240dc7e3ccbf7932b83fe8f679e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-6.css?ver=1665450082 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Oct 2022 01:01:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344c062-668"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
141.8.192.165200 OK 1.1 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (3164), with no line terminators
Hash 79b783929296e7805a6636f23c3d8e8d
bc6fea92b2a093d81cc31ba40033f53c642b6bca
7bde30ddfa438300711235070dfadd3789e71b17c708b1f883dbbdec756fa445
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 10 Oct 2022 03:46:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"634395a8-c5c"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
141.8.192.165200 OK 2.1 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (6051), with no line terminators
Hash 30b1e29f33db552b0233b57b1141a682
534bc4f42fd0565a724f7732a302542a15accf42
1048b9703cc48317e623bdf8d3a552c5f92fffcc3038b9d5789ef64daba312cc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Mon, 10 Oct 2022 03:46:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"634395a8-17a3"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
141.8.192.165200 OK 4.3 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (19233)
Hash 604fd8fa6bb661c05803395e60da945e
5026347d7d843b0cf1d969674dcce39fa798f1f6
1cde42ac7a1ff03a443a2ab4d73fefc03c962aea0f9f3745256d9f3eef2d1d8b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-4b4f"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/uploads/elementor/css/global.css?ver=1665452285
141.8.192.165200 OK 1.1 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/uploads/elementor/css/global.css?ver=1665452285
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (7317)
Hash aa973ed7b7f451854a0991d6b53824f5
d7939e17eb125a48fe4be9a8c9fbf27821cf390b
c8d3679e398bf5627a91459585b13d842baf551419cae518115aa340e688250c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1665452285 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Oct 2022 01:38:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344c8fd-31c6"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/uploads/elementor/css/post-2.css?ver=1665463642
141.8.192.165200 OK 4.4 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/uploads/elementor/css/post-2.css?ver=1665463642
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (46361), with no line terminators
Hash 929da1f8a816a5d1ea08192a0adb9f75
42ecb8e14ad8be8d692d7bc226055b8d81ab3d5a
ee1b69a24394033274de1d3aca24e6775b9eff4981c5c4f2dd3506cb64ad4ae6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-2.css?ver=1665463642 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Oct 2022 04:47:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344f55a-b519"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
141.8.192.165200 OK 14 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (57726)
Hash 2f0b07689b34366c1b04e9c84cc2b54c
0a49469573f7add891658c75253a4b68953925e5
6bddc997475f4020265128478b59384b44792a0f986d6a04cd79722b99f2f55f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-e238"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
141.8.192.165200 OK 669 B URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (483)
Hash 9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Content-Length: 669
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Connection: keep-alive
ETag: "6343955e-29d"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
f0711495.xsph.ru/wp-content/plugins/wp-yandex-metrika/assets/YmEc.min.js?ver=1.1.6
141.8.192.165200 OK 1.0 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wp-yandex-metrika/assets/YmEc.min.js?ver=1.1.6
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type Unicode text, UTF-8 text, with very long lines (2289), with no line terminators
Hash 1c86d40ad2e66a7b2fbe08dfd5e47230
e9b0c97b4fc70cf84702008313271c52a4e4d80f
5c95e37884d1c1b96708f7d27974c1e8a2c4d8dcb55a79e19d8e8ab5e977f8a0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-yandex-metrika/assets/YmEc.min.js?ver=1.1.6 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 11 Oct 2022 14:31:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63457e4c-95c"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/wp-yandex-metrika/assets/frontend.min.js?ver=1.1.6
141.8.192.165200 OK 26 B URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wp-yandex-metrika/assets/frontend.min.js?ver=1.1.6
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with no line terminators
Hash 5e4770e5e76e338ce56104c679fb5ae7
1cd00bc8b809fe6d94f7238bb3f41f8854eb0843
993822e8d40fa3af93363e58e337931920bda2836b2ba9e376e8afc2ff571fe9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-yandex-metrika/assets/frontend.min.js?ver=1.1.6 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Content-Length: 26
Last-Modified: Tue, 11 Oct 2022 14:31:40 GMT
Connection: keep-alive
ETag: "63457e4c-1a"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
f0711495.xsph.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
141.8.192.165200 OK 4.4 kB URL HTTP/1.1 f0711495.xsph.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (11126)
Hash 24957bc8161f979c6e661f46fdc3974f
fa1237ffe8b3745baa78ac481239038e133fcc17
46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 05 Sep 2022 02:52:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63156450-2bd8"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
141.8.192.165200 OK 984 B URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (12953)
Hash efef12e909f5968bb18254e5fb2d5190
0b42d8404a30fbd100dee396ce78232869ce6199
dbafbb9e0329d54a9ed21c1c3004dfe2189e029fde7c0fbab7f0753206d723d4
GET /wp-content/plugins/elementor/assets/css/widget-icon-box.min.css HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-32c0"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
141.8.192.165200 OK 34 kB URL HTTP/1.1 f0711495.xsph.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (65447)
Hash 22b0253c0ecce70e41e296d176b0d972
a161c363d2092739db21bfeb2cf23c980ec71580
181967b7928e133789c8edbb8bdcb73d44a0328d884b613f8ebfb182b4c3c52e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 05 Sep 2022 02:52:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63156450-15db1"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
141.8.192.165200 OK 1.1 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (11736)
Hash 4c5d974b48a29faee3c2795a39bc08a2
3febc02abd2d1b8e094b7fb5d15e1ee3d7c80591
cf92f10baf5b3a174a620bd741bd6ffa48cd5acb6876bbb0c73dbcf38c4ce467
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-2dff"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
141.8.192.165200 OK 5.5 kB URL HTTP/1.1 f0711495.xsph.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (15660)
Hash 17db16eba9de064a60b18a592b36634a
82fc955209623803111e48d5be3cf345315be6f5
1144901adf4e1d54838e6e04a2b75314f3b95518ee654d8c1742af50e355b433
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 05 Sep 2022 02:52:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63156450-48b9"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
141.8.192.165200 OK 2.9 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (10019)
Hash 6a41a891222b20ffa888a263dadd9541
0a60e8f24954286903a61455c3b5dee0aed7893e
66f99b0608e47e9e1ecd50287f529a11b830d7e561b52da7f697fd91d7995db0
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-4824"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
141.8.192.165200 OK 3.0 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (15672), with no line terminators
Hash 046cc2cb8fe3108530fe3516885ca833
4ea80f9e9835fc9cc6db93212b8f017402afe80d
2306a680278c8c2cc9caad71d60ac3ec879a07ea870b68fb416e9f3ac4d12752
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Mon, 10 Oct 2022 03:46:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"634395a7-3d38"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8
141.8.192.165200 OK 17 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (65497)
Hash 2d8dba80c22cdecfc4114fed05881380
3fa0737e97535fb49a5c6780e456036a5ed62f8c
9a669127607c79c551cd257030dfb9b29c26400b77ffae18450d3ff4e457380b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-1a78c"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
141.8.192.165200 OK 2.3 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (4918)
Hash c1c661af65dc3283da1502e8e5a36ca9
9fceedb2160ed888d5fc7dd66ba3eb23c8aebfa4
b83a9dc679225b4c83939bc5775a37ba4fab081acf579d64458e2389093dbb59
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-135d"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
141.8.192.165200 OK 3.3 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (12198), with no line terminators
Hash e7e06a56acbe48a5e94540829d446734
a62e3d7ea0dbd0a3e771f419377882aee5512e67
42ba07f11715edb58a365296c32ae85230bb28f164a34f561f295cbceb1f5981
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-2fa6"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.7.1
141.8.192.165200 OK 6.6 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.7.1
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (40956)
Hash 59ba052b5e2e7fe8aa70116518f586c2
18bcb4339786747e2b3e2ad9e4b029a9d3b32846
e57a3f63c7afbcb3474b36a2da77b931f2bd3c9b4cfea0db9a27698d279d9fac
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.7.1 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Oct 2022 01:15:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344c3b3-9ffd"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
141.8.192.165200 OK 12 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash b722dd3a16101c4fb151a83ba10b6ef0
f9f1c86c5652115f43f57f8a5f5ff179e8c829fd
32aa550bb508bfd67a04d56048d515e4d871df37cd1226aea139e3d6285e7721
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-80a1"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
141.8.192.165200 OK 7.4 kB URL HTTP/1.1 f0711495.xsph.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7070cf6c839a09af2a84f926dd2f95e1
2ac5f6312b4cc85f39804d4a61eeb00c2cced58e
ed584ebba9826c2d9fb5078ca275ce47d05b2a9a1f075e7493526fe7fe458c4c
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 05 Sep 2022 02:52:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63156450-50eb"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-includes/js/wp-util.min.js?ver=6.0.3
141.8.192.165200 OK 718 B URL HTTP/1.1 f0711495.xsph.ru/wp-includes/js/wp-util.min.js?ver=6.0.3
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (1305)
Hash 31e7f275636fe6733bafba2b77ce9ec0
9e2f9b8bfc9bf8910f6cc7068ea83ef379c6696f
08685fe4df303f97dd8f256b468000568635d59480e36784a8908a2d18c641e7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=6.0.3 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 05 Sep 2022 02:51:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315644e-53c"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.1
141.8.192.165200 OK 754 B URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.1
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (754), with no line terminators
Hash afb55c29bdbcfc262d9fa56743572cad
d4b6cb9df2b1b5477cd968fb05cf5faa1d13d6bf
c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.1 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Content-Length: 754
Last-Modified: Tue, 11 Oct 2022 01:15:31 GMT
Connection: keep-alive
ETag: "6344c3b3-2f2"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
f0711495.xsph.ru/wp-includes/js/underscore.min.js?ver=1.13.3
141.8.192.165200 OK 7.8 kB URL HTTP/1.1 f0711495.xsph.ru/wp-includes/js/underscore.min.js?ver=1.13.3
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (18876)
Hash a8f99c32a628461f9c7500e76e604567
88ab3c370bc896f5580065d601b7496a7b66bb56
9cf8b992dc38ff9be1ec3c2d5a31d69ec491db09eaa287a71f490df0edb1b139
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 05 Sep 2022 02:51:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315644e-49df"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
141.8.192.165200 OK 13 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (40474)
Hash e37a374d5b416c043c0fa98c043ffff7
ada96a406c6211242e5c0136aaec162b0358e29b
2ba1d0765f6996649e9be8e9a7403c907df3103ca134449025273b71c4102d9a
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-9e41"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/js/text-limit.min.js?ver=1.7.7.1
141.8.192.165200 OK 1.1 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/js/text-limit.min.js?ver=1.7.7.1
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (2849), with no line terminators
Hash 7688c8ff302d920e45dc5580fd9579a1
7816d85166ce6443f8cc5db1cdfdee7306eb9059
a00ef31cf03ddc26192760a06b5303974dc8f38dd3b8edc757b317498a0b2f68
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/js/text-limit.min.js?ver=1.7.7.1 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 11 Oct 2022 01:15:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344c3b3-b21"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5
141.8.192.165200 OK 8.6 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type Unicode text, UTF-8 text, with very long lines (24463)
Hash 284b491b73a0f84467e017528752e260
e89ed931e6bb8b133c41d2b009e9ea9f61d53386
92a6e4423ebb77511f15fda3df4af4be9f3b2f290e9b355749e710cc0eb13b62
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 11 Oct 2022 01:15:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344c3b3-601a"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.7.1
141.8.192.165200 OK 174 B URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.7.1
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with no line terminators
Hash df8d6b24a870f878b16510e5dca1631d
588d0f674156a3208cee87b897af15f40854e484
499999d720ab71bdffc4e0115b8b05e1d5997f12e482426546a58a00edd77f74
GET /wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.7.1 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Content-Length: 174
Last-Modified: Tue, 11 Oct 2022 01:15:31 GMT
Connection: keep-alive
ETag: "6344c3b3-ae"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.7.1
141.8.192.165200 OK 11 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.7.1
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (32265), with no line terminators
Hash d16dd245753be9606b2210ee38080835
21181f0af75ce0a7f977de5a289df2fc2a7c230d
a190ebfd5d11d738cc9ae4a6d8e7370e254e23874a9235d1ec6ea49c737cd38e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.7.1 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 11 Oct 2022 01:15:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344c3b3-7e09"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2
141.8.192.165200 OK 1.7 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type C source, ASCII text, with very long lines (4014), with no line terminators
Hash 42cb5672bb2292dfd615ffa57962efc1
cdeeb2471bae2cb74ae416b0efd82d7ea6f4ade6
bb42c512f3e8476aff490bd2e9846ab2b0cf8aa7ca4f0d7ff43418f3b1464c63
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 11 Oct 2022 01:15:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344c3b3-fae"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0
141.8.192.165200 OK 883 B URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (1713), with no line terminators
Hash eb79ef47d6ef5a083dd7eede7026d9f4
e6643349b7e779efbd5892b519f2876daa7fa0b7
7061fa7f033b40dad17ed8c232846a0ce65d4722a272fde2e48c3dee99383ec3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:51 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 11 Oct 2022 01:15:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344c3b3-6b1"
Expires: Fri, 18 Nov 2022 18:45:51 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg
141.8.192.165200 OK 509 B URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (509), with no line terminators
Hash 8651ef6101d05b1c7b9340ea9e63b98d
2efc98059ba9c28d93312c2e51f63feb76f8a3b6
7ffd6ec4d1b1980400d8cc710d2edd0fb7833e2c83262f8401247043ca258149
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: image/svg+xml
Content-Length: 509
Last-Modified: Tue, 11 Oct 2022 01:15:31 GMT
Connection: keep-alive
ETag: "6344c3b3-1fd"
Expires: Fri, 18 Nov 2022 18:45:52 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
141.8.192.165200 OK 78 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://f0711495.xsph.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: application/octet-stream
Content-Length: 78196
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Connection: keep-alive
ETag: "6343955e-13174"
Expires: Fri, 18 Nov 2022 18:45:52 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
f0711495.xsph.ru/wp-content/uploads/2022/10/listening-1024x768.jpg
141.8.192.165200 OK 79 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/uploads/2022/10/listening-1024x768.jpg
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=18], baseline, precision 8, 1024x768, components 3\012- data
Hash 0d0b971dbc1c4feebc7cafeb2521ee0f
26786c05c4708bca667a00bf68b85bb88d367953
e805c6203beeb6780e32cafe325554e3d26a86f9241dd171f9ab2c78cfc4300c
GET /wp-content/uploads/2022/10/listening-1024x768.jpg HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: image/jpeg
Content-Length: 78691
Last-Modified: Tue, 11 Oct 2022 00:27:44 GMT
Connection: keep-alive
ETag: "6344b880-13363"
Expires: Fri, 18 Nov 2022 18:45:52 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
141.8.192.165200 OK 676 B URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (1320)
Hash dc26aaacca95a567362b648552977358
446ca1698d837066cb8c8a620f51afbfbe413bb1
7a47a84e1daded718f7724e251c5bdb9f61afca9a0127dabbb448616086ad41c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-54f"
Expires: Fri, 18 Nov 2022 18:45:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 189500
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
216.58.207.195200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash 7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:56 GMT
expires: Thu, 09 Nov 2023 19:34:56 GMT
cache-control: public, max-age=31536000
age: 169856
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:03:13 GMT
expires: Tue, 07 Nov 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 337359
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:21 GMT
expires: Thu, 09 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 169891
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjOhBVYNyB1Wk.woff2
216.58.207.195200 OK 6.1 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjOhBVYNyB1Wk.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 6088, version 1.0\012- data
Hash df255e217658241f414993b262ef6245
59448f50ced52206538ee6a4ec25e9e2d4a07fbe
cc6e7ad2f45ff3b7b769f2b375267ca5d06b9de68ebe473dea96e43dff3b2192
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjOhBVYNyB1Wk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6088
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 06:08:46 GMT
expires: Wed, 08 Nov 2023 06:08:46 GMT
cache-control: public, max-age=31536000
age: 304626
last-modified: Mon, 09 May 2022 18:27:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjThZVYNyB1Wk.woff2
216.58.207.195200 OK 6.0 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjThZVYNyB1Wk.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 5996, version 1.0\012- data
Hash f700f359c69925c4f159d5946045e350
83773d8d25fea001b786fca1a48fdc5af8ac5959
8af2d9b689aca0f0b6ef51587e1b86b6853c9af3312a58fa61fa14f58b270481
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjThZVYNyB1Wk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5996
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 06:41:55 GMT
expires: Wed, 08 Nov 2023 06:41:55 GMT
cache-control: public, max-age=31536000
age: 302637
last-modified: Mon, 09 May 2022 18:28:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjThZVZNyB.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjThZVZNyB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13024, version 1.0\012- data
Hash 92aadfbc05c69fdeb19657dfe45c1083
cd2574914e14fb3326976b6c8d26b4e4e097be71
1aea802d16476a74c8683213c1f62c53c76006d007ee244b3899f304ebcc52e0
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjThZVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13024
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:35:55 GMT
expires: Fri, 10 Nov 2023 21:35:55 GMT
cache-control: public, max-age=31536000
age: 76197
last-modified: Mon, 09 May 2022 18:27:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjOhBVZNyB.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjOhBVZNyB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13116, version 1.0\012- data
Hash 91f34623f20a8cb6ef3ce549213b9693
4216b9e82639c1ddfb283f667547623677647fa0
09d7a52512bc7dccc149e0d126aadd413152c43376848cf0141faec29d79cd85
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjOhBVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:55:27 GMT
expires: Tue, 07 Nov 2023 21:55:27 GMT
cache-control: public, max-age=31536000
age: 334225
last-modified: Mon, 09 May 2022 18:27:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17508, version 1.0\012- data
Hash 7fbdfaab6bd8b191496ffe1ef1b9e748
e9e592f8498d489d8000f3a4cfb1bb447f251edd
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17508
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:44:32 GMT
expires: Thu, 09 Nov 2023 19:44:32 GMT
cache-control: public, max-age=31536000
age: 169280
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.195200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 06:19:49 GMT
expires: Fri, 10 Nov 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 131163
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
216.58.207.195200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9576, version 1.0\012- data
Hash 9b9ec29522d1bf8924ccc2d917e1807b
1df345651c653bba476ab6b8546351ec7f4f018a
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:55:23 GMT
expires: Tue, 07 Nov 2023 21:55:23 GMT
cache-control: public, max-age=31536000
age: 334229
last-modified: Wed, 11 May 2022 19:24:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0TIpQlx3QUlC5A4PNr4AzpYeyDzW0.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0TIpQlx3QUlC5A4PNr4AzpYeyDzW0.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11748, version 1.0\012- data
Hash aad067ee2a49ecc2620c597e1297665b
c5a5456a8e3b4ac5fbfb7b2aefba9839b7dcb61f
5296b124a9a0baffa76971803b4f62f4bbd61197378306e9ae9d75213c41678c
GET /s/notosans/v27/o-0TIpQlx3QUlC5A4PNr4AzpYeyDzW0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 16:17:33 GMT
expires: Wed, 08 Nov 2023 16:17:33 GMT
cache-control: public, max-age=31536000
age: 268099
last-modified: Mon, 09 May 2022 18:27:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc-CsTKlA.woff2
216.58.207.195200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc-CsTKlA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10428, version 1.0\012- data
Hash 60b22162318b7f70a91d8c095adbfbef
839d00e59f38538be109b45b9000c2682a97836a
76945c7494c20515bb45d1dedab8f7062020a8252297f8e24ab4fa908ac24032
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc-CsTKlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 22:48:06 GMT
expires: Thu, 09 Nov 2023 22:48:06 GMT
cache-control: public, max-age=31536000
age: 158266
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0TIpQlx3QUlC5A4PNr4AzpYeyHzW1aPQ.woff2
216.58.207.195200 OK 7.2 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0TIpQlx3QUlC5A4PNr4AzpYeyHzW1aPQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7204, version 1.0\012- data
Hash cb2df21799973daec8a2043867228949
e3049a9b8d8d93552acc409aa3e2edf08ae59340
41eaa4f4405441b7fb20201bd0d2ba2f205ab9c664c9db54bb8e397c38d4ba77
GET /s/notosans/v27/o-0TIpQlx3QUlC5A4PNr4AzpYeyHzW1aPQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7204
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 15:22:10 GMT
expires: Fri, 10 Nov 2023 15:22:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:27:29 GMT
content-type: font/woff2
age: 98622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:31:05 GMT
expires: Thu, 09 Nov 2023 19:31:05 GMT
cache-control: public, max-age=31536000
age: 170087
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:23:34 GMT
expires: Fri, 10 Nov 2023 21:23:34 GMT
cache-control: public, max-age=31536000
age: 76938
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
216.58.207.195200 OK 5.9 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 5936, version 1.0\012- data
Hash 4beeef1d6e982cadb6dad7b78da44af3
82bf853e223c391a254ca5ec3d8743366d4b33b0
2df8df811aa34268dae030824fd3d27905c259a28c208650b1e6f42cec094563
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:28:10 GMT
expires: Tue, 07 Nov 2023 21:28:10 GMT
cache-control: public, max-age=31536000
age: 335862
last-modified: Mon, 09 May 2022 18:27:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 172323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjFhdVZNyB.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjFhdVZNyB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13104, version 1.0\012- data
Hash e4fcc5fb48fe6a182b3f0ae858982f53
577839a69a2d7125d2bfd1dbc069abd615f2ac7e
efc3c8a0ed2a9f798cae16417b7832147de397ebf1f8fb6cd4462f240605198e
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjFhdVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:33:53 GMT
expires: Fri, 10 Nov 2023 21:33:53 GMT
cache-control: public, max-age=31536000
age: 76319
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjFhdVYNyB1Wk.woff2
216.58.207.195200 OK 6.1 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjFhdVYNyB1Wk.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 6072, version 1.0\012- data
Hash 16c56d0f906452344da26dc891ec59fc
c0b9eb48712499426764382072d3d86daef84562
f2823f4861da5878ec71fdc1609a512714ea7934dc3dc9f3ce41058ac24ac8e4
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjFhdVYNyB1Wk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 21:59:08 GMT
expires: Thu, 09 Nov 2023 21:59:08 GMT
cache-control: public, max-age=31536000
age: 161204
last-modified: Mon, 09 May 2022 18:29:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/accordion.be7db2e47c14ed1141fb.bundle.min.js
141.8.192.165200 OK 1.4 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/plugins/elementor/assets/js/accordion.be7db2e47c14ed1141fb.bundle.min.js
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (3713)
Hash 48eca36f37738ef0709f7f4f174bf4fb
7ec15952fd3c5975834cafd75768b181b0859835
e04cb81936f05ff6c71b1fe9e114150f78e12d101978a8602e618d00c3cac9b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/accordion.be7db2e47c14ed1141fb.bundle.min.js HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 10 Oct 2022 03:45:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6343955e-ea8"
Expires: Fri, 18 Nov 2022 18:45:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
f0711495.xsph.ru/wp-content/uploads/2022/10/speaking-1024x768.jpg
141.8.192.165200 OK 85 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/uploads/2022/10/speaking-1024x768.jpg
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=18], baseline, precision 8, 1024x768, components 3\012- data
Hash 62c9c041ae98e54a7f76e73cd8f68106
cb13059001e06bf83c9373e1b0d79290a392d13b
9dc75a07fdc73148aee5b5c499e5f3fc879413e0aa12d0d84104fd6c16949455
GET /wp-content/uploads/2022/10/speaking-1024x768.jpg HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: image/jpeg
Content-Length: 85199
Last-Modified: Tue, 11 Oct 2022 00:24:45 GMT
Connection: keep-alive
ETag: "6344b7cd-14ccf"
Expires: Fri, 18 Nov 2022 18:45:52 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
216.58.207.195200 OK 6.1 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 6072, version 1.0\012- data
Hash 1bc27c39adb5d6700380acc1ab3b2396
780a9f5c7c99165857c22670d3908ee8dcc58db7
154627be91ed8c1e92a0c4cd4011eef27d4b1ff1be423ad20836fc283e00393b
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:53:38 GMT
expires: Fri, 10 Nov 2023 21:53:38 GMT
cache-control: public, max-age=31536000
age: 75134
last-modified: Mon, 09 May 2022 18:27:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 169904
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
216.58.207.195200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Hash 6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:41 GMT
expires: Thu, 09 Nov 2023 19:34:41 GMT
cache-control: public, max-age=31536000
age: 169871
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
f0711495.xsph.ru/wp-content/uploads/2022/10/students-are-studying-english-girl-shows-her-classmate-how-pronounce-th-sound_141192-1211.webp
141.8.192.165200 OK 83 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/uploads/2022/10/students-are-studying-english-girl-shows-her-classmate-how-pronounce-th-sound_141192-1211.webp
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec6e48e131045db9d93fddc0d7b8c1c
d99289dec08fc1b29a86ed956e0047a114749d2e
9b3b1ab397991d726fb5ce98b90d7ba19136011ee1e8129a45dcfd48cdd35c43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/students-are-studying-english-girl-shows-her-classmate-how-pronounce-th-sound_141192-1211.webp HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: image/webp
Content-Length: 82614
Last-Modified: Mon, 10 Oct 2022 10:46:46 GMT
Connection: keep-alive
ETag: "6343f816-142b6"
Expires: Fri, 18 Nov 2022 18:45:52 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
f0711495.xsph.ru/wp-content/uploads/2022/10/reading-1024x768.jpg
141.8.192.165200 OK 79 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/uploads/2022/10/reading-1024x768.jpg
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=18], baseline, precision 8, 1024x768, components 3\012- data
Hash 0fa4bb44c3474a6ea104af872d3289c0
fde63a9e842d54cd410afa58aa81d1667e53998a
af7542579d16251cfdbc808afb3fe452e285ea84809330a9e63cdd89aab0db01
GET /wp-content/uploads/2022/10/reading-1024x768.jpg HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: image/jpeg
Content-Length: 78629
Last-Modified: Tue, 11 Oct 2022 00:27:17 GMT
Connection: keep-alive
ETag: "6344b865-13325"
Expires: Fri, 18 Nov 2022 18:45:52 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
f0711495.xsph.ru/wp-content/uploads/2022/10/writing-1024x768.jpg
141.8.192.165200 OK 71 kB URL HTTP/1.1 f0711495.xsph.ru/wp-content/uploads/2022/10/writing-1024x768.jpg
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=18], baseline, precision 8, 1024x768, components 3\012- data
Hash 768495dad85f2c2e36e79c42a6164aa4
2eb4073dc99c886839e957d40aab0d5c161412ab
4694de1fd2fdee476f3fb08cca10b1ba62455366e5c6a7bf35c9b95fb77c2a48
GET /wp-content/uploads/2022/10/writing-1024x768.jpg HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: image/jpeg
Content-Length: 71152
Last-Modified: Tue, 11 Oct 2022 00:26:26 GMT
Connection: keep-alive
ETag: "6344b832-115f0"
Expires: Fri, 18 Nov 2022 18:45:52 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 7ef0e1ddfd64e4d9797b95d0b2854ff7
2f33676574428b29cc77658fc76e8fafb7923f1e
85aa5bbb48f624ce3ba0b83a697563c0a07df9eb6d904edc5a0dc78961965b38
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:52 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 15 Nov 2022 16:46:33 GMT
ETag: "2f33676574428b29cc77658fc76e8fafb7923f1e"
Last-Modified: Fri, 11 Nov 2022 16:46:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1060
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ffb8a7fb4f9-OSL
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 6bb9990fc521832208f25ccf5261b719
be8acfb80dfc034d5cbd7dabb318ea8853762c10
677f03256dacdc519c12971fd422fe1afa0ecca3864f4e8f7aa0bed4eecd9c38
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73397
date: Fri, 11 Nov 2022 18:45:52 GMT
access-control-allow-origin: *
etag: "63575841-11eb5"
expires: Fri, 11 Nov 2022 19:45:52 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6107
Expires: Fri, 11 Nov 2022 20:27:39 GMT
Date: Fri, 11 Nov 2022 18:45:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6107
Expires: Fri, 11 Nov 2022 20:27:39 GMT
Date: Fri, 11 Nov 2022 18:45:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6107
Expires: Fri, 11 Nov 2022 20:27:39 GMT
Date: Fri, 11 Nov 2022 18:45:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90a78b0f806c0c5ef5e7128cc37b2edf
7339ad7b4f37cc37cb712207a7b3a5ac9355d9dc
770a2247a0f8d6b44c61cecc8a11e9882e4dd39269e181eef52cf6816407022b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6696
x-amzn-requestid: 19f91da1-beeb-400a-b4c0-059851ca839f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ_F3doAMFr6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-2ef73e121ff2c3cf0e95b450;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GgmLFeCzBEuR8gcEDGr8nBYW4xUUkIKZi0m8_TZ5quDeLmkROXm2_g==
via: 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 07:45:28 GMT
age: 39624
etag: "7339ad7b4f37cc37cb712207a7b3a5ac9355d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88c9931a009690991e73c5b37a1aa085
815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0
74e70391889e4b46742033b1d5daccfec415ba2ee999e429d1013fd4a1ebc61a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8294
x-amzn-requestid: 5dab4522-fca9-4ada-ad6f-3305c9686315
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u3H7PoAMF02g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-756c150c40fe6fff3ae7a609;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FXIS1Gr_-3RUm6WPZCVcjaefD3hehHV-IwO-ieFeUqeoPAE7vajlsg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:51 GMT
etag: "815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0"
content-type: image/jpeg
age: 75541
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f29164fb4dd64d9ce60566fbebd40f0a
96de8f2627e1103c5e6beb5d64cdbc09f97fce82
8eba6095edfed1ee1402c050727f81b8a9942625fd1c9cbb3bac4e51ee178577
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6517
x-amzn-requestid: 7884aa37-c94f-49d4-b6a4-c6bd66026d2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apxD3EeYIAMFYAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2ee5-337e8e0949f5020713fcab58;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kXRfJbLr7ErTvJIW0rjpcqxHA0zvN6XOPrszlIzXBgaJkJGWzkoyGw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 22:00:02 GMT
age: 74750
etag: "96de8f2627e1103c5e6beb5d64cdbc09f97fce82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13f7b6eea163326da8c58ae5c09efccd
e0d1ebb35a16c686eae3d31eb85ac72278459b05
13f2f428acb7806808d957a8167ab2c139a5d0f59798671465717f2b39b914a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8581
x-amzn-requestid: 385174fe-153f-448f-be5e-9ea3b5757ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u1EYOIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-6084a34f58df22037275e676;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MhIq0Vdxah99pPo_O7gkhrq9Nekkxld2lv0955wr0yJzcP3g6LAH8g==
via: 1.1 dfc972676b24a6d23251d4f298dfa08c.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
age: 75536
etag: "e0d1ebb35a16c686eae3d31eb85ac72278459b05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uHlIN1IVGCFUVl5lx5pFSux0YncseT2HQjiwFDL9eaEaBa9CdnCl8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 04:18:29 GMT
age: 52043
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e72f32944d6f03e005f7b6f3e87d8c72
5fe340bf33ac219f6a3d44810f31d0a8796c83a9
bcdcba30210d276996d0fe749bbfc69d666ae11ddfbfdb57307e4bb4d6e43d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10671
x-amzn-requestid: 1b6053eb-64ac-4c24-a750-c1b8cd69157f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJEh8GxPoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366b472-56c6a3bc07ec89ab56d4f3bd;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 19:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qJeWGvC4DM_d3k66OHN2V19elou-xoSNkep1BNalBO0NtKyQtAFzNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 03:31:46 GMT
age: 54846
etag: "5fe340bf33ac219f6a3d44810f31d0a8796c83a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:45:52 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Fri, 11 Nov 2022 19:45:52 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/90737815/1?wmode=7&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.0%22%2C%22pluginVersion%22%3A%221.1.6%22%2C%22ymCmsRip%22%3A%2274281797%22%7D%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1021386721973%3Ahid%3A1052566426%3Az%3A0%3Ai%3A20221111184552%3Aet%3A1668192353%3Ac%3A1%3Arn%3A344695267%3Arqn%3A1%3Au%3A1668192353547009314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C39%2C1221%2C0%2C-8%2C0%2C%2C640%2C19%2C%2C%2C%2C1969%3Ans%3A1668192349881%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192353%3At%3ABig%20Ben%20School%20%E2%80%93%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B0%D0%BD%D0%B3%D0%BB%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B0%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/90737815/1?wmode=7&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.0%22%2C%22pluginVersion%22%3A%221.1.6%22%2C%22ymCmsRip%22%3A%2274281797%22%7D%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1021386721973%3Ahid%3A1052566426%3Az%3A0%3Ai%3A20221111184552%3Aet%3A1668192353%3Ac%3A1%3Arn%3A344695267%3Arqn%3A1%3Au%3A1668192353547009314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C39%2C1221%2C0%2C-8%2C0%2C%2C640%2C19%2C%2C%2C%2C1969%3Ans%3A1668192349881%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192353%3At%3ABig%20Ben%20School%20%E2%80%93%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B0%D0%BD%D0%B3%D0%BB%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B0%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 8e3ef27c6af46c2c836e4e6e9363343f
b4ce3732892218c5d6bf00c40e26c79620d6434a
ad6582cf039f65d76d81fca49359ed1a9f6ddc38eefa57aff7741e7d508afd2d
GET /watch/90737815/1?wmode=7&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.0%22%2C%22pluginVersion%22%3A%221.1.6%22%2C%22ymCmsRip%22%3A%2274281797%22%7D%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1021386721973%3Ahid%3A1052566426%3Az%3A0%3Ai%3A20221111184552%3Aet%3A1668192353%3Ac%3A1%3Arn%3A344695267%3Arqn%3A1%3Au%3A1668192353547009314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C39%2C1221%2C0%2C-8%2C0%2C%2C640%2C19%2C%2C%2C%2C1969%3Ans%3A1668192349881%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192353%3At%3ABig%20Ben%20School%20%E2%80%93%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B0%D0%BD%D0%B3%D0%BB%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B0%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://f0711495.xsph.ru
Referer: http://f0711495.xsph.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Fri, 11 Nov 2022 18:45:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://f0711495.xsph.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:52 GMT
last-modified: Fri, 11-Nov-2022 18:45:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
f0711495.xsph.ru/favicon.ico
141.8.192.165302 Found 0 B URL HTTP/1.1 f0711495.xsph.ru/favicon.ico
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
HTTP/1.1 302 Found
Server: openresty
Date: Fri, 11 Nov 2022 18:45:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-LiteSpeed-Tag: c1c_HTTP.200,c1c_HTTP.302
Link: <http://f0711495.xsph.ru/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://f0711495.xsph.ru/wp-includes/images/w-logo-blue-white-bg.png
f0711495.xsph.ru/wp-includes/images/w-logo-blue-white-bg.png
141.8.192.165200 OK 4.1 kB URL HTTP/1.1 f0711495.xsph.ru/wp-includes/images/w-logo-blue-white-bg.png
IP 141.8.192.165:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: f0711495.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://f0711495.xsph.ru/
Connection: keep-alive
Cookie: _ym_uid=1668192353547009314; _ym_d=1668192353; _ym_isad=2; _ym_visorc=w
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 11 Nov 2022 18:45:53 GMT
Content-Type: image/png
Content-Length: 4119
Last-Modified: Mon, 05 Sep 2022 02:51:58 GMT
Connection: keep-alive
ETag: "6315644e-1017"
Expires: Fri, 18 Nov 2022 18:45:53 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
mc.yandex.ru/webvisor/90737815?wmode=0&wv-part=1&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=64293882&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668192355%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184555%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192355&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/90737815?wmode=0&wv-part=1&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=64293882&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668192355%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184555%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192355&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/90737815?wmode=0&wv-part=1&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=64293882&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668192355%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184555%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192355&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 133639
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:45:55 GMT
access-control-allow-origin: http://f0711495.xsph.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:55 GMT
last-modified: Fri, 11-Nov-2022 18:45:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/90737815?wmode=0&wv-part=1&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=431370749&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1668192356%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184555%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192356&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/90737815?wmode=0&wv-part=1&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=431370749&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1668192356%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184555%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192356&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/90737815?wmode=0&wv-part=1&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=431370749&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1668192356%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184555%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192356&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:45:56 GMT
access-control-allow-origin: http://f0711495.xsph.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:56 GMT
last-modified: Fri, 11-Nov-2022 18:45:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/90737815?wv-check=58419&wv-type=0&wmode=0&wv-part=1&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=727964645&browser-info=gdpr%3A14%3Aet%3A1668192359%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184558%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192359&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/90737815?wv-check=58419&wv-type=0&wmode=0&wv-part=1&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=727964645&browser-info=gdpr%3A14%3Aet%3A1668192359%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184558%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192359&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/90737815?wv-check=58419&wv-type=0&wmode=0&wv-part=1&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=727964645&browser-info=gdpr%3A14%3Aet%3A1668192359%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184558%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192359&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:45:59 GMT
access-control-allow-origin: http://f0711495.xsph.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:59 GMT
last-modified: Fri, 11-Nov-2022 18:45:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/90737815?wmode=0&wv-part=2&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=45082119&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1668192359%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184558%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192359&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/90737815?wmode=0&wv-part=2&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=45082119&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1668192359%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184558%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192359&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/90737815?wmode=0&wv-part=2&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=45082119&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1668192359%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184558%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192359&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:45:59 GMT
access-control-allow-origin: http://f0711495.xsph.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:59 GMT
last-modified: Fri, 11-Nov-2022 18:45:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/90737815?wmode=0&wv-part=2&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=887751151&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668192359%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184558%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192359&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/90737815?wmode=0&wv-part=2&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=887751151&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668192359%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184558%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192359&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/90737815?wmode=0&wv-part=2&wv-hit=1052566426&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&rn=887751151&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668192359%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221111184558%3Au%3A1668192353547009314%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668192359&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:45:59 GMT
access-control-allow-origin: http://f0711495.xsph.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:59 GMT
last-modified: Fri, 11-Nov-2022 18:45:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/90737815?wmode=7&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.0%22%2C%22pluginVersion%22%3A%221.1.6%22%2C%22ymCmsRip%22%3A%2274281797%22%7D%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1021386721973%3Ahid%3A1052566426%3Az%3A0%3Ai%3A20221111184552%3Aet%3A1668192353%3Ac%3A1%3Arn%3A344695267%3Arqn%3A1%3Au%3A1668192353547009314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C39%2C1221%2C0%2C-8%2C0%2C%2C640%2C19%2C%2C%2C%2C1969%3Ans%3A1668192349881%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192353%3At%3ABig%20Ben%20School%20%E2%80%93%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B0%D0%BD%D0%B3%D0%BB%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B0%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/90737815?wmode=7&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.0%22%2C%22pluginVersion%22%3A%221.1.6%22%2C%22ymCmsRip%22%3A%2274281797%22%7D%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1021386721973%3Ahid%3A1052566426%3Az%3A0%3Ai%3A20221111184552%3Aet%3A1668192353%3Ac%3A1%3Arn%3A344695267%3Arqn%3A1%3Au%3A1668192353547009314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C39%2C1221%2C0%2C-8%2C0%2C%2C640%2C19%2C%2C%2C%2C1969%3Ans%3A1668192349881%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192353%3At%3ABig%20Ben%20School%20%E2%80%93%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B0%D0%BD%D0%B3%D0%BB%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B0%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
GET /watch/90737815?wmode=7&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.0%22%2C%22pluginVersion%22%3A%221.1.6%22%2C%22ymCmsRip%22%3A%2274281797%22%7D%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1021386721973%3Ahid%3A1052566426%3Az%3A0%3Ai%3A20221111184552%3Aet%3A1668192353%3Ac%3A1%3Arn%3A344695267%3Arqn%3A1%3Au%3A1668192353547009314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C39%2C1221%2C0%2C-8%2C0%2C%2C640%2C19%2C%2C%2C%2C1969%3Ans%3A1668192349881%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192353%3At%3ABig%20Ben%20School%20%E2%80%93%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B0%D0%BD%D0%B3%D0%BB%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B0%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://f0711495.xsph.ru
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/90737815/1?wmode=7&page-url=http%3A%2F%2Ff0711495.xsph.ru%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22ymCmsPlugin%22%3A%7B%22cms%22%3A%22wordpress%22%2C%22cmsVersion%22%3A%226.0%22%2C%22pluginVersion%22%3A%221.1.6%22%2C%22ymCmsRip%22%3A%2274281797%22%7D%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1021386721973%3Ahid%3A1052566426%3Az%3A0%3Ai%3A20221111184552%3Aet%3A1668192353%3Ac%3A1%3Arn%3A344695267%3Arqn%3A1%3Au%3A1668192353547009314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C39%2C1221%2C0%2C-8%2C0%2C%2C640%2C19%2C%2C%2C%2C1969%3Ans%3A1668192349881%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192353%3At%3ABig%20Ben%20School%20%E2%80%93%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B0%D0%BD%D0%B3%D0%BB%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B0%20%D0%B2%20%D0%A2%D0%BE%D0%BC%D1%81%D0%BA%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 11 Nov 2022 18:45:52 GMT
access-control-allow-origin: http://f0711495.xsph.ru
set-cookie: yandexuid=4466937731668192352; Expires=Sat, 11-Nov-2023 18:45:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4466937731668192352; Expires=Sat, 11-Nov-2023 18:45:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=172431921668192352; Path=/; SameSite=None; Secure
i=9qvr+nkTHD3UvHZyjlXWUa2X+LPADLd0x9p2bJrp01qE3bDbbc9OCpATvEDi32AZtHlqMl5d++hpRPJTHm+gzhaTegk=; Expires=Mon, 08-Nov-2032 18:45:49 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699728352.yrts.1668192352#1699728352.yrtsi.1668192352; Expires=Sat, 11-Nov-2023 18:45:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:52 GMT
last-modified: Fri, 11-Nov-2022 18:45:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Work+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNoto+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=cyrillic&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Work+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNoto+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=cyrillic&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Work+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNoto+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=cyrillic&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://f0711495.xsph.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 11 Nov 2022 18:45:52 GMT
date: Fri, 11 Nov 2022 18:45:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2