firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 17:15:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 11xKdWJ6kLVQo3E-u2Q-DghxDuhGnhwicYpC6SMaXovQ7--j22hBRg==
Age: 1543
cravtr.ru/
31.28.24.244 200 OK 8.3 kB IP 31.28.24.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1902), with CRLF, LF line terminators
Hash 53f68e001fefd3a49845f20e8b55e4cb
c784da00836fa50bb3f9a3e7ec65941d123a3ae2
0a8520e1d2dc5d13154e5c7c924fceee5852a87a8a520afa0cc0c2c490854dd4
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:53 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30
Set-Cookie: __ddg1_=llWB813mSHtNtZZwjsK2; Domain=.cravtr.ru; HttpOnly; Path=/; Expires=Mon, 25-Sep-2023 17:40:45 GMT
wordpress_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; HttpOnly
wordpress_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; HttpOnly
wordpress_logged_in_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
Link: <http://cravtr.ru/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Transfer-Encoding: chunked
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18017
Expires: Sun, 25 Sep 2022 22:41:02 GMT
Date: Sun, 25 Sep 2022 17:40:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13854
Expires: Sun, 25 Sep 2022 21:31:39 GMT
Date: Sun, 25 Sep 2022 17:40:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mtjcpYZx7sCckVeQ+RpmFUZjq48cwqOs9enmPvzDmihCNaYEe9p4ryjgNXUHD1wn1391iWXRdvQ=
x-amz-request-id: NNKGCF2V7BQ4T17F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Sep 2022 16:48:12 GMT
age: 3153
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 17:40:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cravtr.ru/wp-content/themes/allium/css/bootstrap-custom.css?ver=5.4.11
31.28.24.244 200 OK 3.0 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/css/bootstrap-custom.css?ver=5.4.11
IP 31.28.24.244:0
File type ASCII text, with CRLF line terminators
Hash d8b1d10dcc8a24c2003d84860823282c
3ff8a9ce4838e889120264f386aab99a89fb30fb
70b518ff4382fefcbdcbb66c285fc8f2d8ca124c748d2f6c0e4886c84fc1f503
GET /wp-content/themes/allium/css/bootstrap-custom.css?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: text/css
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: W/"83c5-5e0632a0ba273"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.4.11
31.28.24.244 200 OK 7.6 kB URL HTTP/1.1 cravtr.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.4.11
IP 31.28.24.244:0
File type ASCII text, with very long lines (28088)
Hash 5efe06c40fc45fa59930747befb00c17
47c8ef7739f351e01c240a68c487d3faf9304ade
d463a011a332fb850d4dc2073a9afc49670824c414d4fcea52de4f996f0e2f00
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: text/css
Vary: Accept-Encoding
Last-Modified: Tue, 31 May 2022 18:09:11 GMT
ETag: W/"d159-5e052ab706575"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
31.28.24.244 200 OK 4.0 kB URL HTTP/1.1 cravtr.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 31.28.24.244:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Tue, 31 May 2022 18:09:13 GMT
ETag: W/"2748-5e052ab890a07"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-content/plugins/featured-post-with-thumbnail/featured-post.css?ver=5.4.11
31.28.24.244 200 OK 522 B URL HTTP/1.1 cravtr.ru/wp-content/plugins/featured-post-with-thumbnail/featured-post.css?ver=5.4.11
IP 31.28.24.244:0
File type ASCII text, with CRLF line terminators
Hash d8754c0e7bab2134f2437909c38548da
309c57754b719502ed493e0f5862e49c625c54ae
74fa853e49b27c1bff955d4670c7049e70218185e41e6958fa492f16006ccacd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/featured-post-with-thumbnail/featured-post.css?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: text/css
Vary: Accept-Encoding
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: W/"3de-5e052ab5d2b99"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
31.28.24.244 200 OK 34 kB URL HTTP/1.1 cravtr.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 31.28.24.244:0
File type ASCII text, with very long lines (31997)
Hash a5798cf6edb87e2f64df51a38eceef6a
a96934773339f6f36a5b37c5d6903ad95c062dca
d65dc5e8cea9e4daea184d6de7d896eb23d08f04b3bc20fb9b35b237e93ec6ce
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Tue, 31 May 2022 18:09:13 GMT
ETag: W/"17a69-5e052ab895057"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide.css
31.28.24.244 200 OK 914 B URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide.css
IP 31.28.24.244:0
File type ASCII text, with CRLF line terminators
Hash 44ebe90a6dcdcc5cec00bd88744523c9
45228eceb962aa7b5cd6d61bec07ad5038dfe296
0e8f72f822752425e3453d5c6d9eb8a40cf3f85e4182f64f6ce20863965b432c
GET /wp-content/plugins/auto-highslide/highslide/highslide.css HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: text/css
Vary: Accept-Encoding
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: W/"ee6-5e052ab5ce549"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cravtr.ru/wp-content/themes/allium/style.css?ver=5.4.11
31.28.24.244 200 OK 14 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/style.css?ver=5.4.11
IP 31.28.24.244:0
File type ASCII text, with very long lines (354), with CRLF line terminators
Hash 835ce41124200a0012e00eaa61f7c55e
49d868e8e5b47803d9bcaddc58f1999ee6c3d50e
1e17de6d35207c1f8e227e08fab1b5ed2b04c4e2479e4e84179e8322bfcd0620
GET /wp-content/themes/allium/style.css?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: text/css
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: W/"14876-5e0632a0d2cfb"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-content/themes/allium/js/enquire.js?ver=2.1.6
31.28.24.244 200 OK 3.0 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/enquire.js?ver=2.1.6
IP 31.28.24.244:0
File type ASCII text, with very long lines (847), with CRLF line terminators
Hash 40062753c23d2cdeeea89df150a90b54
b198d313610b8707c523eb20cf9015698532576b
42a00ca5ebd72de02b4da477fe173c7032c32852606d74a08170b87fd2f26355
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/allium/js/enquire.js?ver=2.1.6 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: W/"27c2-5e0632a0c717b"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide-with-html.packed.js
31.28.24.244 200 OK 15 kB URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide-with-html.packed.js
IP 31.28.24.244:0
File type ISO-8859 text, with very long lines (31128), with CRLF line terminators
Hash 042f2bff1ef4f1247c608c9415298575
a4215cd7e3f1fc0575943c92e7136c82ec42dfa0
36d0451438093d2f6289b651627a28559d941588fde0ee74e67704acdcad8af5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/auto-highslide/highslide/highslide-with-html.packed.js HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: W/"7dcf-5e052ab5cd991"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-content/themes/allium/js/hover-intent.js?ver=r7
31.28.24.244 200 OK 1.6 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/hover-intent.js?ver=r7
IP 31.28.24.244:0
File type ASCII text, with CRLF line terminators
Hash f8497f945472ab15acc5d084a76b00cc
7e7d11e6b30cccdb4f5bd2353b735081a21ac4c9
4063d7da50049422beed7ab6a239c68e39ce50c5b4273af274f2bc31e0b8c6e3
GET /wp-content/themes/allium/js/hover-intent.js?ver=r7 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: W/"13bd-5e0632a0c8503"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-content/themes/allium/js/fitvids.js?ver=1.1
31.28.24.244 200 OK 1.4 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/fitvids.js?ver=1.1
IP 31.28.24.244:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 99fcdda22a13f1dcb7b0e1f554d8446e
2e6841c08d97cf849e22d2ac320d7167e1309bf5
d2d954bb94b1a8e66856ce5d8d9a1ccc3bb253201bc3527a78ff4f45fc87b6ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/allium/js/fitvids.js?ver=1.1 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: W/"d6d-5e0632a0c794b"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-content/themes/allium/js/superfish.js?ver=1.7.10
31.28.24.244 200 OK 2.5 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/superfish.js?ver=1.7.10
IP 31.28.24.244:0
File type ASCII text, with CRLF line terminators
Hash 252770cb326f37b4a050acf95282034f
a4128366506fdbc3f2a2a755019230109788100f
cc4581f134694cc3b6d3246eaa9b5f4fd3ef815f7f06fa47ca0aef5cd0b93a18
GET /wp-content/themes/allium/js/superfish.js?ver=1.7.10 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: W/"1ed0-5e0632a0c94a3"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-content/themes/allium/js/custom.js?ver=1.0
31.28.24.244 200 OK 1.5 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/js/custom.js?ver=1.0
IP 31.28.24.244:0
File type ASCII text, with CRLF line terminators
Hash ae9cec99d53737fcd81f2a8745ffe0a5
4c6a46ee03d3f6fda00178a7ee275e546e12ff9c
da37ff5c5f4e31a1951d0de3305f6441bc1efa386f18bb1b677ebf1533ce9023
GET /wp-content/themes/allium/js/custom.js?ver=1.0 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: W/"13da-5e0632a0c5df3"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-includes/js/wp-embed.min.js?ver=5.4.11
31.28.24.244 200 OK 765 B URL HTTP/1.1 cravtr.ru/wp-includes/js/wp-embed.min.js?ver=5.4.11
IP 31.28.24.244:0
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Tue, 31 May 2022 18:33:06 GMT
ETag: W/"592-5e05300eff215"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11
31.28.24.244 200 OK 4.6 kB URL HTTP/1.1 cravtr.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11
IP 31.28.24.244:0
File type ASCII text, with very long lines (10927)
Hash e6022e7bf2772180c8dc14fd4c7c93c9
faadecbfd55439d1d9b9a74ec9e3d6117fbd77e2
13149c23cd5fb87d9a216cb2a93714f401730958fef162a7c9f8d25d03173850
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.11 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Tue, 31 May 2022 18:33:06 GMT
ETag: W/"363c-5e05300f0bd34"
Content-Encoding: gzip
Age: 51
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
cravtr.ru/wp-content/uploads/2022/06/teper-poslednij-xoroshij-vzglyad-na-prototip-honda-civic-type-r-2023-goda-pered-ego-debyutom.jpg
31.28.24.244 200 OK 43 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/teper-poslednij-xoroshij-vzglyad-na-prototip-honda-civic-type-r-2023-goda-pered-ego-debyutom.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 577x322, components 3\012- data
Hash a9b5acf57136069be4cb131896ee0666
8151ea31a4bf5d6b9bf2b182494d5c5b6a025deb
4b373b4a72aa0dc360f715e78a099fa3c52229ba6576b5b831785535728a8aac
GET /wp-content/uploads/2022/06/teper-poslednij-xoroshij-vzglyad-na-prototip-honda-civic-type-r-2023-goda-pered-ego-debyutom.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 24 Sep 2022 18:40:05 GMT
Content-Type: image/jpeg
Content-Length: 43379
Last-Modified: Sun, 19 Jun 2022 14:43:58 GMT
ETag: "a973-5e1ce047a54e4"
Accept-Ranges: bytes
Age: 82840
DDG-Cache-Status: MISS,HIT
cravtr.ru/wp-content/uploads/2022/06/eto-elektromobil-nissan-leaf-sleduyushhego-pokoleniya.jpg
31.28.24.244 200 OK 22 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/eto-elektromobil-nissan-leaf-sleduyushhego-pokoleniya.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 563x340, components 3\012- data
Hash c9c7a98af6c4c9158e04df3613691cf9
56db153894329d64a54f36b5d70216fa79ebf1bb
cc521e357e973f72b51d7c57224d2f79e5c8cd5af75280f6c03b2dd5f4578650
GET /wp-content/uploads/2022/06/eto-elektromobil-nissan-leaf-sleduyushhego-pokoleniya.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: image/jpeg
Content-Length: 22457
Last-Modified: Sun, 19 Jun 2022 14:02:28 GMT
ETag: "57b9-5e1cd70108452"
Accept-Ranges: bytes
Age: 51
DDG-Cache-Status: MISS,MISS
cravtr.ru/wp-content/uploads/2022/06/novejshee-ispytanie-dlya-modifikatora-avtomobilya-veteran-jdm-kostyanoj-pervoproxodec-80-x.jpg
31.28.24.244 200 OK 46 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/novejshee-ispytanie-dlya-modifikatora-avtomobilya-veteran-jdm-kostyanoj-pervoproxodec-80-x.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 561x313, components 3\012- data
Hash 599a84726a9b03966c1ccca95d14742d
bce46c3522c5b364d59f624097108fc8b6d641cb
7d7c402de8ff4a8e129c010b12b696bc1a569935cf1956fbba4cc794c20c457d
GET /wp-content/uploads/2022/06/novejshee-ispytanie-dlya-modifikatora-avtomobilya-veteran-jdm-kostyanoj-pervoproxodec-80-x.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 24 Sep 2022 05:13:30 GMT
Content-Type: image/jpeg
Content-Length: 45775
Last-Modified: Sun, 19 Jun 2022 13:35:38 GMT
ETag: "b2cf-5e1cd10240271"
Accept-Ranges: bytes
Age: 131235
DDG-Cache-Status: MISS,HIT
cravtr.ru/wp-content/uploads/2022/06/novye-podrobnosti-o-bezumnoj-sborke-xunigana-subaru-wagon-vosmidesyatyx-s-862-l-s.jpg
31.28.24.244 200 OK 48 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/novye-podrobnosti-o-bezumnoj-sborke-xunigana-subaru-wagon-vosmidesyatyx-s-862-l-s.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 576x316, components 3\012- data
Hash 41796105e150220dd12b4794218680b1
8359f178def55e53fcce728ceee810825eeeb395
a22e210018f766e76889f7df62e968d0fbedb00aad06f86588c3f9742b030e97
GET /wp-content/uploads/2022/06/novye-podrobnosti-o-bezumnoj-sborke-xunigana-subaru-wagon-vosmidesyatyx-s-862-l-s.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 03:26:13 GMT
Content-Type: image/jpeg
Content-Length: 47812
Last-Modified: Sun, 19 Jun 2022 11:02:17 GMT
ETag: "bac4-5e1caebb1c9a3"
Accept-Ranges: bytes
Age: 51272
DDG-Cache-Status: MISS,HIT
cravtr.ru/wp-content/uploads/2022/06/kia-carnival-2023-goda-povyshaet-stoimost-vxodnyx-biletov.jpg
31.28.24.244 200 OK 45 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/kia-carnival-2023-goda-povyshaet-stoimost-vxodnyx-biletov.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 570x315, components 3\012- data
Hash e5a5062199a140a1d5c15988a2719a73
5e58191c69b4bc3a21d379b7886de731092cfa8e
e7d1640023f921adb299096b50517bf6208e9100283f76b274cab17b1e3fd5bb
GET /wp-content/uploads/2022/06/kia-carnival-2023-goda-povyshaet-stoimost-vxodnyx-biletov.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 24 Sep 2022 18:40:05 GMT
Content-Type: image/jpeg
Content-Length: 45303
Last-Modified: Sun, 19 Jun 2022 12:47:56 GMT
ETag: "b0f7-5e1cc6584be38"
Accept-Ranges: bytes
Age: 82840
DDG-Cache-Status: MISS,HIT
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cravtr.ru/wp-content/uploads/2022/06/my-slomali-podvesku-na-nashem-mercedes-benz-gle450-kotoryj-prozhil-celyj-god-i-on-nam-vse-eshhe-nravitsya.jpg
31.28.24.244 200 OK 47 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/my-slomali-podvesku-na-nashem-mercedes-benz-gle450-kotoryj-prozhil-celyj-god-i-on-nam-vse-eshhe-nravitsya.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 557x308, components 3\012- data
Hash adde19fedd5f0bf9de045091c71965e2
b52c59a50b2df003f510afae9a20e5c08047c6c9
344c4e1c56ac89b55d06566d7dd4489a8356560aa2e5b039226e3f45db34cef9
GET /wp-content/uploads/2022/06/my-slomali-podvesku-na-nashem-mercedes-benz-gle450-kotoryj-prozhil-celyj-god-i-on-nam-vse-eshhe-nravitsya.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: image/jpeg
Content-Length: 47056
Last-Modified: Sun, 19 Jun 2022 12:31:36 GMT
ETag: "b7d0-5e1cc2b214367"
Accept-Ranges: bytes
Age: 51
DDG-Cache-Status: MISS,MISS
cravtr.ru/wp-content/uploads/2022/06/ferrari-ne-pozvolit-budushhim-elektromobilyam-i-vnedorozhnikam-purosangue-pomeshat-xorosho-provesti-vremya.jpg
31.28.24.244 200 OK 16 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/ferrari-ne-pozvolit-budushhim-elektromobilyam-i-vnedorozhnikam-purosangue-pomeshat-xorosho-provesti-vremya.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 572x314, components 3\012- data
Hash 21661e00f67b094cdc43e5d52b1b5b05
ab6c8a964876bb9e5e795203552f7704b6fad6cf
dffd3b152de0cabec0a674adbcd077323264e3e120d3e6127eccd2c82f404947
GET /wp-content/uploads/2022/06/ferrari-ne-pozvolit-budushhim-elektromobilyam-i-vnedorozhnikam-purosangue-pomeshat-xorosho-provesti-vremya.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 24 Sep 2022 05:13:29 GMT
Content-Type: image/jpeg
Content-Length: 15678
Last-Modified: Sun, 19 Jun 2022 14:56:36 GMT
ETag: "3d3e-5e1ce31b22607"
Accept-Ranges: bytes
Age: 131236
DDG-Cache-Status: MISS,HIT
cravtr.ru/wp-content/uploads/2022/06/novyj-hyundai-palisade-xrt-2023-goda-kontroliruet-bolshuyu-chast-vashix.jpg
31.28.24.244 200 OK 49 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/novyj-hyundai-palisade-xrt-2023-goda-kontroliruet-bolshuyu-chast-vashix.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x300, components 3\012- data
Hash a5dceec668beac185e856341ac47219e
76d2a68a54785715f588712c609413b4deb25e33
c604970a3e57cdfd29b88fa0a4163efdce2d5540b3909deb2fdafdcbaa625153
GET /wp-content/uploads/2022/06/novyj-hyundai-palisade-xrt-2023-goda-kontroliruet-bolshuyu-chast-vashix.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 24 Sep 2022 18:40:05 GMT
Content-Type: image/jpeg
Content-Length: 48988
Last-Modified: Sun, 19 Jun 2022 15:06:40 GMT
ETag: "bf5c-5e1ce55b3c9a6"
Accept-Ranges: bytes
Age: 82840
DDG-Cache-Status: MISS,HIT
cravtr.ru/wp-content/uploads/2022/06/vozhdenie-elektricheskogo-ford-bronco-ot-zero-labs.jpg
31.28.24.244 200 OK 48 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/vozhdenie-elektricheskogo-ford-bronco-ot-zero-labs.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 576x325, components 3\012- data
Hash a4a4ac36dd74eb52664627123ad9e618
4451e1878259a8b4c66ad5f64a5a47c164b8ff80
2801acdf10b67300a1e3b6535ebfa5e5c054d63b1850961de014240a54202004
GET /wp-content/uploads/2022/06/vozhdenie-elektricheskogo-ford-bronco-ot-zero-labs.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 03:26:12 GMT
Content-Type: image/jpeg
Content-Length: 47978
Last-Modified: Sun, 19 Jun 2022 15:19:09 GMT
ETag: "bb6a-5e1ce8254f47d"
Accept-Ranges: bytes
Age: 51273
DDG-Cache-Status: MISS,HIT
cravtr.ru/wp-content/uploads/2022/06/nebolshoe-povyshenie-cen-na-kia-seltos-2023-goda-luchshe-chem-bolshoe.jpg
31.28.24.244 200 OK 48 kB URL HTTP/1.1 cravtr.ru/wp-content/uploads/2022/06/nebolshoe-povyshenie-cen-na-kia-seltos-2023-goda-luchshe-chem-bolshoe.jpg
IP 31.28.24.244:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 571x318, components 3\012- data
Hash a54c65dbb24256af620eed05e6868666
7342551682d459c13726a118eb3a4d7f0227a5cd
07d47452cf2ba91947491180ee6074b158b1e16fba1edcb2c143f666ed134c49
GET /wp-content/uploads/2022/06/nebolshoe-povyshenie-cen-na-kia-seltos-2023-goda-luchshe-chem-bolshoe.jpg HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 24 Sep 2022 18:40:04 GMT
Content-Type: image/jpeg
Content-Length: 47918
Last-Modified: Sun, 19 Jun 2022 15:12:17 GMT
ETag: "bb2e-5e1ce69c82b22"
Accept-Ranges: bytes
Age: 82841
DDG-Cache-Status: MISS,HIT
cravtr.ru/wp-content/themes/allium/webfonts/fa-solid-900.woff2
31.28.24.244 200 OK 79 kB URL HTTP/1.1 cravtr.ru/wp-content/themes/allium/webfonts/fa-solid-900.woff2
IP 31.28.24.244:0
File type Web Open Font Format (Version 2), TrueType, length 79100, version 1.0\012- data
Hash 5dc01cfcd5336f696cb85da7ce53fa9b
28a1f2fadc35c5343e0280389fe7955e3d1be607
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/allium/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cravtr.ru/wp-content/themes/allium/css/fontawesome-all.css?ver=5.4.11
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Length: 79100
Last-Modified: Wed, 01 Jun 2022 13:49:55 GMT
ETag: "134fc-5e0632a0fd0c2"
Accept-Ranges: bytes
Age: 51
DDG-Cache-Status: MISS,MISS
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cravtr.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 338797
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.163 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cravtr.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:19:49 GMT
expires: Fri, 22 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 300056
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
142.250.74.163 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Hash 6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cravtr.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:41 GMT
expires: Thu, 21 Sep 2023 19:34:41 GMT
cache-control: public, max-age=31536000
age: 338764
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cravtr.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 338797
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
counter.yadro.ru/hit?t16.1;r;s1280*1024*24;uhttp%3A//cravtr.ru/;h%u0410%u0432%u0442%u043E%u043C%u0438%u0440%20-;0.35479064916131153
88.212.201.204 200 OK 197 B URL HTTP/1.1 counter.yadro.ru/hit?t16.1;r;s1280*1024*24;uhttp%3A//cravtr.ru/;h%u0410%u0432%u0442%u043E%u043C%u0438%u0440%20-;0.35479064916131153
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 88 x 31\012- data
Hash 90a36fef57f795d57443d5037a427df9
11a0f5557aca0025a2c9d63dd9d418c3d0a97f35
bbb821c45f11c10a3aac6f61b06017067761317bb4553b4a5f122a41729928ce
GET /hit?t16.1;r;s1280*1024*24;uhttp%3A//cravtr.ru/;h%u0410%u0432%u0442%u043E%u043C%u0438%u0440%20-;0.35479064916131153 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 25 Sep 2022 17:40:46 GMT
Content-Type: image/gif
Content-Length: 197
Connection: keep-alive
Expires: Fri, 24 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 17:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 17:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KTNeVc5ItdYWWQrcmkjDstsLje6--vFemDpuKdMdnRfikVc49Z3ucw==
Age: 2189
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0919555699512279
216.58.207.194 200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0919555699512279
IP 216.58.207.194:0
File type ASCII text, with very long lines (2903)
Hash 0d63004ea780ca6788009014d261e3c6
c79a9e9e6f88788c356a00c589b06d1e9883d980
b4346e615e2c450368b969223de97efec7147b4938626680c394da949cead612
GET /pagead/js/adsbygoogle.js?client=ca-pub-0919555699512279 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cravtr.ru
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sun, 25 Sep 2022 17:40:46 GMT
expires: Sun, 25 Sep 2022 17:40:46 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6459938739474801901
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cravtr.ru/favicon.ico
31.28.24.244 302 Found 0 B IP 31.28.24.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 302 Found
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.4.30
Set-Cookie: wordpress_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; HttpOnly
wordpress_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; HttpOnly
wordpress_logged_in_01c4960d334a652c59ba7203acf4e896=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
Link: <http://cravtr.ru/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://cravtr.ru/wp-includes/images/w-logo-blue-white-bg.png
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 54
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cravtr.ru/wp-includes/images/w-logo-blue-white-bg.png
31.28.24.244 200 OK 4.1 kB URL HTTP/1.1 cravtr.ru/wp-includes/images/w-logo-blue-white-bg.png
IP 31.28.24.244:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cravtr.ru/
Connection: keep-alive
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 25 Sep 2022 17:39:54 GMT
Content-Type: image/png
Content-Length: 4119
Last-Modified: Tue, 31 May 2022 18:09:12 GMT
ETag: "1017-5e052ab7d0bba"
Accept-Ranges: bytes
Age: 52
DDG-Cache-Status: MISS,MISS
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
142.250.74.66 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220921/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sun, 25 Sep 2022 03:27:23 GMT
expires: Sun, 09 Oct 2022 03:27:23 GMT
cache-control: public, max-age=1209600
age: 51203
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1031
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Last-Modified: Sun, 25 Sep 2022 17:23:36 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=cravtr.ru
142.250.74.34 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=cravtr.ru
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cravtr.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 25 Sep 2022 17:40:46 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=cravtr.ru
142.250.74.130 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=cravtr.ru
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cravtr.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 25 Sep 2022 17:40:46 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6669610813a1e4e2786f7d3f8d40c867
05839bacff46752db344a755d43db959787ae225
1a33b29382a6cb0072b29d29981cd4b04f876b7c4614026f4e96017b8db2eb03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=cravtr.ru&callback=_gfp_s_&client=ca-pub-0919555699512279
172.217.21.162 200 OK 198 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=cravtr.ru&callback=_gfp_s_&client=ca-pub-0919555699512279
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash db6cd4bfe5425fe4404d97af67dbb3be
d7e85ee31c27910dd7880c575b3f7fa53c3b071e
e275607caacc4e6a92ce33007ea4449579ebde991ffc50ed1839b4b6942d3b32
GET /gampad/cookie.js?domain=cravtr.ru&callback=_gfp_s_&client=ca-pub-0919555699512279 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 25 Sep 2022 17:40:46 GMT
server: cafe
cache-control: private
content-length: 198
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6669610813a1e4e2786f7d3f8d40c867
05839bacff46752db344a755d43db959787ae225
1a33b29382a6cb0072b29d29981cd4b04f876b7c4614026f4e96017b8db2eb03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/outlines/rounded-white.png
31.28.24.244 200 OK 2.0 kB URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/outlines/rounded-white.png
IP 31.28.24.244:0
File type PNG image data, 40 x 3000, 8-bit gray+alpha, non-interlaced\012- data
Hash 172cd05ac027f6a6c46553231506b3f8
9c05946fb3260c173964ace7e55e0c0f2169eef1
dd973ffb47385f17ebb5bb6ba99cf16b968e151f0004b565f8386ae7ce1753bb
GET /wp-content/plugins/auto-highslide/highslide/graphics/outlines/rounded-white.png HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2; __gads=ID=1db631ef20dc0b6b-22bf4e6d2ece00b4:T=1664127646:RT=1664127646:S=ALNI_MbBuPESN9dChFUpuIAlJf3NgSDCKw
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 24 Sep 2022 18:40:07 GMT
Content-Type: image/png
Content-Length: 2012
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: "7dc-5e052ab5cb669"
Accept-Ranges: bytes
Age: 82839
DDG-Cache-Status: MISS,HIT
cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/zoomout.cur
31.28.24.244 200 OK 326 B URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/zoomout.cur
IP 31.28.24.244:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x7\012- data
Hash e5f236bf2b60f8c8fc1867d70636a046
2d1695a011edd32a1abc5329dcf4b8ee196d5e7f
110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/auto-highslide/highslide/graphics/zoomout.cur HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2; __gads=ID=1db631ef20dc0b6b-22bf4e6d2ece00b4:T=1664127646:RT=1664127646:S=ALNI_MbBuPESN9dChFUpuIAlJf3NgSDCKw
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 24 Sep 2022 18:40:07 GMT
Content-Length: 326
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: "146-5e052ab5ccdd9"
Accept-Ranges: bytes
Age: 82839
DDG-Cache-Status: MISS,HIT
cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/loader.white.gif
31.28.24.244 200 OK 673 B URL HTTP/1.1 cravtr.ru/wp-content/plugins/auto-highslide/highslide/graphics/loader.white.gif
IP 31.28.24.244:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 2a6692973429d7a74513bfa8bcb5be20
f2af060f1cadbc9065c8c465c648dc01be67cc12
1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d
GET /wp-content/plugins/auto-highslide/highslide/graphics/loader.white.gif HTTP/1.1
Host: cravtr.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cravtr.ru/wp-content/plugins/auto-highslide/highslide/highslide.css
Cookie: __ddg1_=llWB813mSHtNtZZwjsK2; __gads=ID=1db631ef20dc0b6b-22bf4e6d2ece00b4:T=1664127646:RT=1664127646:S=ALNI_MbBuPESN9dChFUpuIAlJf3NgSDCKw
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 23 Sep 2022 06:27:01 GMT
Content-Type: image/gif
Content-Length: 673
Last-Modified: Tue, 31 May 2022 18:09:10 GMT
ETag: "2a1-5e052ab5c7401"
Accept-Ranges: bytes
Age: 213225
DDG-Cache-Status: MISS,HIT
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
216.58.207.194 200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
IP 216.58.207.194:0
File type JSON data\012- , ASCII text, with very long lines (14885), with no line terminators
Hash fd35e1a730fa9d0ef9325ebe26cad243
3889ed2d9c61c00ff8c480b07dab06085e59e128
7549f718f7d28d20bce5e86e98084d3cbc80ae0be177c3ced77fb8290e226fa2
GET /getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cravtr.ru
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 25 Sep 2022 17:40:46 GMT
server: cafe
cache-control: private
content-length: 11303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.58.150 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: irOXfeTM1NpjNlNKO5rzPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2hosLK985ZuXz0acWehfFM2vZtM=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d5f86ddceacf0b5d14b5b74eb60e39e2
a197f1b182fc5aebc30ee5570d7c5e6d7a3f410d
0727801c97c941992fb3a3bf7cc6ca2c44e15326d6e3dc9f0f0b4af54f4908ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 25 Sep 2022 17:40:46 GMT
expires: Sun, 25 Sep 2022 17:40:46 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33 200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:42:03 GMT
expires: Mon, 25 Sep 2023 13:42:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 14323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
216.58.207.194 200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (35833)
Hash 641fa9633bb1ea34925d41b24f75d974
70bf58d3ab2c31a57eea216dbf88f5a85f887ac7
496006a4545a804d572c2311127ccc37a1061a95abf11703e30d00fe83fb0d68
GET /bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15943
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:28:44 GMT
expires: Mon, 25 Sep 2023 13:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
content-type: text/javascript
age: 15122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 17:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 48c1bf50517eb9e75b15fd6f142b5198
04d626944775bc93a5de8257893cb08e8e9446fd
d64681068de139eda96c727b4bd55332400aa2b63f45b833b3915834d6a07a90
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 25 Sep 2022 17:40:46 GMT
date: Sun, 25 Sep 2022 17:40:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-o_wfW3bXLSVvQWApZr5kGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=2263363104288159&rc=
216.58.207.194 204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=2263363104288159&rc=
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=2263363104288159&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 25 Sep 2022 17:40:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=2263363104288159&bg=!cXKlcjbNAAYIxsuQKMY7ACkAdvg8Wl91NAqVS-UGdPQC7koCack7iDdRmoyiFnN4b6xTci0AgNgISwIAAACpUgAAAAJoAQcKAFQ4Z9pXrPx5VlJXho1s7MmRMctqEFYLhIi42gcbOTUZDRMOyomEDUJyVme3D496IhCXKSvGCUkDAzPe7w-3bkYkOE9ocJhlvjl7w7T-edTNrR8tU8uZAoTCV4QUZdr7D5zi42wkSuraCg-bMlLXfGTAs1-PeH7nEIDFbNgu2v2qEqrQ3Q6qXAFtHgzgb2mm55Xj7txWmHGWNrlY-vB1lBMQex_CLvGr0sCDolpl7lRHzcH8NiDzUIi4DFVhalbK3sOVT2k1EJ176f_VeZuBaOvytX0OWqhC6LM-7wZv-oQ01rLcQhgrEmoZXBQBcyw5BuzxEBbAirnD9Td2keh8BS4pSBS16AsZsuw6BfUJOKNouWq_n3C__F1FAL2qyYHNc7NQd2ZXWz3kZrZeANKBHW1vGWDWllc0oz0utmLpJFWQO01e5sD4kgBmMvBsHIC_9Hp25GSyWBuaSeW_GxcDJCLpbkkcmPqTYXCUzK5lXwUprBUFx7BEhrF2ckfWQbE6VM4PWJvYa7qUBQJ_qnR43mFYHr_qUXY9nlZqL38kk74-sRJZgTX2NruSj-q55WfxiwtiUSdzM22W5U78gYY7x7__uYLgEZmg3eU0q54HXZNDiRKdgL5crvNS7i-wE9CVdLCQwndA8cjzAh3cUwmhshzlyNh_lpSWR4TFqJn_izSrGrCiiS6dcxzNc89tJVZAKvydviwv0T4TwLYajm0fXsg-JQl4MgNZEW0WjQqBoipV0miUHe0wQnC4YnQQ0eFLO8nU-Brvrd3qRjD84xBYkSVyDzOEyO7YE96ewfXVQ74iIdFI3mohod000_V-X1G_wMg5MYOVrSqQ9RihItTNmUXFXCOoFExrJbfTZNhEfAPaZNnlm_JX8Pu_j45GpfxE4XVtcclRYftAUDA_mipXH2_tkZVBRPplaSaHIDBqq6LMcBAoyLRNh02Qd0LJXOFE91LftSMdJzaF04t0JA
216.58.207.194 204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=2263363104288159&bg=!cXKlcjbNAAYIxsuQKMY7ACkAdvg8Wl91NAqVS-UGdPQC7koCack7iDdRmoyiFnN4b6xTci0AgNgISwIAAACpUgAAAAJoAQcKAFQ4Z9pXrPx5VlJXho1s7MmRMctqEFYLhIi42gcbOTUZDRMOyomEDUJyVme3D496IhCXKSvGCUkDAzPe7w-3bkYkOE9ocJhlvjl7w7T-edTNrR8tU8uZAoTCV4QUZdr7D5zi42wkSuraCg-bMlLXfGTAs1-PeH7nEIDFbNgu2v2qEqrQ3Q6qXAFtHgzgb2mm55Xj7txWmHGWNrlY-vB1lBMQex_CLvGr0sCDolpl7lRHzcH8NiDzUIi4DFVhalbK3sOVT2k1EJ176f_VeZuBaOvytX0OWqhC6LM-7wZv-oQ01rLcQhgrEmoZXBQBcyw5BuzxEBbAirnD9Td2keh8BS4pSBS16AsZsuw6BfUJOKNouWq_n3C__F1FAL2qyYHNc7NQd2ZXWz3kZrZeANKBHW1vGWDWllc0oz0utmLpJFWQO01e5sD4kgBmMvBsHIC_9Hp25GSyWBuaSeW_GxcDJCLpbkkcmPqTYXCUzK5lXwUprBUFx7BEhrF2ckfWQbE6VM4PWJvYa7qUBQJ_qnR43mFYHr_qUXY9nlZqL38kk74-sRJZgTX2NruSj-q55WfxiwtiUSdzM22W5U78gYY7x7__uYLgEZmg3eU0q54HXZNDiRKdgL5crvNS7i-wE9CVdLCQwndA8cjzAh3cUwmhshzlyNh_lpSWR4TFqJn_izSrGrCiiS6dcxzNc89tJVZAKvydviwv0T4TwLYajm0fXsg-JQl4MgNZEW0WjQqBoipV0miUHe0wQnC4YnQQ0eFLO8nU-Brvrd3qRjD84xBYkSVyDzOEyO7YE96ewfXVQ74iIdFI3mohod000_V-X1G_wMg5MYOVrSqQ9RihItTNmUXFXCOoFExrJbfTZNhEfAPaZNnlm_JX8Pu_j45GpfxE4XVtcclRYftAUDA_mipXH2_tkZVBRPplaSaHIDBqq6LMcBAoyLRNh02Qd0LJXOFE91LftSMdJzaF04t0JA
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=2263363104288159&bg=!cXKlcjbNAAYIxsuQKMY7ACkAdvg8Wl91NAqVS-UGdPQC7koCack7iDdRmoyiFnN4b6xTci0AgNgISwIAAACpUgAAAAJoAQcKAFQ4Z9pXrPx5VlJXho1s7MmRMctqEFYLhIi42gcbOTUZDRMOyomEDUJyVme3D496IhCXKSvGCUkDAzPe7w-3bkYkOE9ocJhlvjl7w7T-edTNrR8tU8uZAoTCV4QUZdr7D5zi42wkSuraCg-bMlLXfGTAs1-PeH7nEIDFbNgu2v2qEqrQ3Q6qXAFtHgzgb2mm55Xj7txWmHGWNrlY-vB1lBMQex_CLvGr0sCDolpl7lRHzcH8NiDzUIi4DFVhalbK3sOVT2k1EJ176f_VeZuBaOvytX0OWqhC6LM-7wZv-oQ01rLcQhgrEmoZXBQBcyw5BuzxEBbAirnD9Td2keh8BS4pSBS16AsZsuw6BfUJOKNouWq_n3C__F1FAL2qyYHNc7NQd2ZXWz3kZrZeANKBHW1vGWDWllc0oz0utmLpJFWQO01e5sD4kgBmMvBsHIC_9Hp25GSyWBuaSeW_GxcDJCLpbkkcmPqTYXCUzK5lXwUprBUFx7BEhrF2ckfWQbE6VM4PWJvYa7qUBQJ_qnR43mFYHr_qUXY9nlZqL38kk74-sRJZgTX2NruSj-q55WfxiwtiUSdzM22W5U78gYY7x7__uYLgEZmg3eU0q54HXZNDiRKdgL5crvNS7i-wE9CVdLCQwndA8cjzAh3cUwmhshzlyNh_lpSWR4TFqJn_izSrGrCiiS6dcxzNc89tJVZAKvydviwv0T4TwLYajm0fXsg-JQl4MgNZEW0WjQqBoipV0miUHe0wQnC4YnQQ0eFLO8nU-Brvrd3qRjD84xBYkSVyDzOEyO7YE96ewfXVQ74iIdFI3mohod000_V-X1G_wMg5MYOVrSqQ9RihItTNmUXFXCOoFExrJbfTZNhEfAPaZNnlm_JX8Pu_j45GpfxE4XVtcclRYftAUDA_mipXH2_tkZVBRPplaSaHIDBqq6LMcBAoyLRNh02Qd0LJXOFE91LftSMdJzaF04t0JA HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 25 Sep 2022 17:40:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10304
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 17:40:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10304
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 17:40:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10304
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 17:40:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10304
Expires: Sun, 25 Sep 2022 20:32:31 GMT
Date: Sun, 25 Sep 2022 17:40:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca8f8393365641de380e9443b37a8581
2fde9899cf74129d7df8868008b323a527dc1170
dbcc05dcbbbf4b89bf0f10999c0f5679e822cce6f9e3437f2cafb913606bd8c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa43fecfd-7ebd-4a19-85fe-29bd0f3c5033.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9042
x-amzn-requestid: 8c2e6356-2b43-4162-94b9-efd45249047c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHRtIAMFwaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-034b1944694141f04debec31;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k1hcUfebiQMb8IRsmeAOkyI02F1vUvh7J9GxgU4qO8Ebp3TQUC2fQQ==
via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:24:40 GMT
age: 69367
etag: "2fde9899cf74129d7df8868008b323a527dc1170"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:16:33 GMT
age: 33854
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 72208
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 71369
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b247d936b6e75a5075e09d9d2f7c3b1
7d3650b77b7f501d2f94592b8a4c0e02a75feb70
165d5ef729be431744228c7f1791141536db476811a3e9c7ab5958c6e38a781a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d4989e-b390-4a8b-be36-820e0256c211.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7977
x-amzn-requestid: 6d6cbdf9-91f4-4fb5-8afe-cb8dea476e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EoFjtIAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7883-5681f08725a5ce7e36c27d75;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:07 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0H0AT4oKoQUzJWzgfJuK9M_bisrd4bhX6jVfbj3VZ5IPp8u2opEuOA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:25 GMT
etag: "7d3650b77b7f501d2f94592b8a4c0e02a75feb70"
content-type: image/jpeg
age: 72082
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:09:15 GMT
age: 37892
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext
IP 142.250.74.10:0
GET /css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cravtr.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 17:40:45 GMT
date: Sun, 25 Sep 2022 17:40:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2