r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3219
Expires: Sun, 23 Oct 2022 18:18:18 GMT
Date: Sun, 23 Oct 2022 17:24:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 16:52:52 GMT
Expires: Sun, 23 Oct 2022 16:52:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H4NBqst9Pv3aAkkEoPafH6ZKsKbReLRe7GP10-eiOIV9-ZRlv90rxQ==
Age: 1907
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3296
Expires: Sun, 23 Oct 2022 18:19:35 GMT
Date: Sun, 23 Oct 2022 17:24:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MLBorfqsMoCcFvOMJawgqoOegcQWSdDOsNrn25trjBg+kR7p60OEsA1wdDNnQbLuG/kkiYG3edE=
x-amz-request-id: ER3ZNWS5JDYCKCY2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 17:08:10 GMT
age: 989
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
5.101.153.136301 Moved Permanently 0 B URL HTTP/1.1 www.rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
IP 5.101.153.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf HTTP/1.1
Host: www.rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=30
X-Powered-By: PHP/7.3.31
Set-Cookie: _sfs_id=e72593b54c8e3c220613acd210c7a3284f4f950d9bb1c0eb2840a21820456bef1666545879; expires=Sun, 23-Oct-2022 18:24:39 GMT; Max-Age=3600; path=/; HttpOnly
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 17:24:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 23 Oct 2022 16:43:40 GMT
Cache-Control: max-age=3600
Expires: Sun, 23 Oct 2022 17:30:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OGNCg-4VuUCn4X2B18ARXHsODe6Sa56mlQnoXd1Y-C3wGPd3y9OQAw==
Age: 2460
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5348
Cache-Control: max-age=144671
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 17:24:40 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 09:35:51 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
5.101.153.136404 Not Found 127 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
IP 5.101.153.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6044), with CRLF, LF line terminators
Size 127 kB (126838 bytes)
Hash 1ec5babc656b246d7e0dcf2f8517a8e2
5bff0e69b993dfc41ed9ee73c39cab5215ba963b
91994095778d4ba82d7ef30ab43e133fbeb511330d5ed750421d88f6b537b276
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
X-Powered-By: PHP/7.3.31
Set-Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880; expires=Sun, 23-Oct-2022 18:24:40 GMT; Max-Age=3600; path=/; HttpOnly
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://rec39.ru/wp-json/>; rel="https://api.w.org/"
rec39.ru/wp-content/plugins/wp-recall/assets/css/animate-css/animate.min.css?ver=16.26.5
5.101.153.136200 OK 2.6 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/css/animate-css/animate.min.css?ver=16.26.5
IP 5.101.153.136:0
File type ASCII text, with very long lines (16755), with CRLF line terminators
Hash 9484a16ba12551f6a3ea9952f5be8a12
8bf8d3eaa85602d6bfc4f73151803ab1c89d1bd5
f4d041677373077f6254407b6258ee17290c5042269eae3c1d8ac9f5c267cafe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/css/animate-css/animate.min.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-4242"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.5
5.101.153.136200 OK 7.0 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.5
IP 5.101.153.136:0
File type ASCII text, with very long lines (34408), with no line terminators
Hash e865107d12b20969d461a3638a0e3ace
5b9e1a31c61954817233aebf72e0f0ce5f9b66bd
fa8f14bb7bedb7403706f8fa714db317e4a43c57310d5c77a322ceb35c5fb951
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-8668"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/css/regform.css?ver=16.26.5
5.101.153.136200 OK 1.8 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/css/regform.css?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 10ac5826b672234fdcd12c153dfb7681
03113a472d1f7ba71f28fe15a85ff26fbb20e8ee
8bded06a6eec4bc5492180aab9bdc349a12da32dc873ce02e076dd01e216ee99
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/css/regform.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-1cf2"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/css/core.css?ver=16.26.5
5.101.153.136200 OK 9.7 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/css/core.css?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with very long lines (330), with CRLF line terminators
Hash 50b0306a15115cf70b5d61645d767d42
dab7d58c6ce8a90f600900bc53c666c4ca216bba
14479a5de9b8e95169e30a70538f41aa740c0153af0104cb31086a68910b675f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/css/core.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-ce5c"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/add-on/theme-sunshine/style.css?ver=16.26.5
5.101.153.136200 OK 2.3 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/add-on/theme-sunshine/style.css?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 071d89858444875261d29788af729874
4c6bc3566ab075e00cdb082055d5b51ba19c354a
feb335232cf85ba17abd4303f1bb01afa578e61ce6f3723239941766f13b6f40
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/add-on/theme-sunshine/style.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-262e"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/add-on/rcl-chat/style.css?ver=16.26.5
5.101.153.136200 OK 2.4 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/add-on/rcl-chat/style.css?ver=16.26.5
IP 5.101.153.136:0
File type ASCII text, with CRLF line terminators
Hash cee3cb178bf2a07a579626528031fa3f
2481a8b0cf3b3a5ed63dcd9ddea5655f2cfabc84
d8200f4662f27dcb28d7873548e3f0e59bc539e4a9c8d1743a2c7926ed63cd22
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/add-on/rcl-chat/style.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-342c"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/wp-recall/add-on/rcl-meter/style.css?ver=16.26.5
5.101.153.136200 OK 243 B URL HTTP/1.1 rec39.ru/wp-content/wp-recall/add-on/rcl-meter/style.css?ver=16.26.5
IP 5.101.153.136:0
File type ASCII text, with CRLF line terminators
Hash b5fdd2a7bd4b7e5ca412e56df4e3e6f6
a1aa450315c10229f6edc4577d8cee8b54ae12dc
885118916aa3d1a7e3c129b7355d8433b459f6387890a0c82f6d73721852f5ad
GET /wp-content/wp-recall/add-on/rcl-meter/style.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-231"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
5.101.153.136200 OK 2.2 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
IP 5.101.153.136:0
File type ASCII text, with very long lines (5092), with no line terminators
Hash fadb046ad02dc98892f8a102040a18ee
6fc3072fcbd94c7722145447bd3dc00f2458f8a6
926ee0e9d5a4ec3f859d7d49cf490a6a8f1694fef7df4bcc8de128123cf3eb9b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Sat, 14 Aug 2021 11:00:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6117a24c-13e4"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/page-404.min.css?ver=6.5.4
5.101.153.136200 OK 350 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/page-404.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (684)
Hash 557ec2624fb294a93aed9c4271f4117c
c7cfa3b4d71d205185580ce25e5d8c5249c10911
44476c6cc0949ebd910b9686de78783eeeb5b9c9715ec248ab6bd2f2fd2aa418
GET /wp-content/themes/woodmart/css/parts/page-404.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-2ad"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/wp-gutenberg.min.css?ver=6.5.4
5.101.153.136200 OK 2.1 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/wp-gutenberg.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (9099)
Hash 3da90474edf26556944dd41d1f1e5431
104c924e7857f619aa7d2f07e1eb3151bd1d981f
f2531a5d0cf6700bd2a242e7934ef880a14f4e81d6be4d53d0e9ec7a2de4ca7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/wp-gutenberg.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d10-238c"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css?ver=6.5.4
5.101.153.136200 OK 320 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (867)
Hash afa24615e7ca028d1ad59136be587b84
3d2d33c09db9d51fd6ab119c7a56815a63638db3
0b5b40ffa3915e72243f9a3c245995b9c42d01eb71e9333d03be54a7a13fc96f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-364"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/bootstrap.min.css?ver=6.5.4
5.101.153.136200 OK 3.0 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/bootstrap.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (19981)
Hash 37249fb8056f2b9e89a081a7d14e9183
cc60c8dd4b3dd6401b7da5ef3b7089c985120464
7f657e60ef04658517937b1f32bdab9e2d52d344059a984dd231b37efefc0dd9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/bootstrap.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-4ee6"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/base.min.css?ver=6.5.4
5.101.153.136200 OK 10 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (47676)
Hash 5d584f5641b2b3b7ff1184130fe1e823
025c63373f88ed865a51feaefd12103b1569563f
100de050177a2fd6ba95b98d5212be9e478d74bf187cd7d9abcc101511b1c41a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-ba3d"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
5.101.153.136200 OK 46 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (65358)
Hash 52000e7e83255c0af07f7c6d60550e82
988ec420d08f9846f95b2656c019a957edc7837f
202d2d7facdf835dbfab68db43575ead0daa8bd83f5aede410610ba72797ad9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:50:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d95-76891"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/int-rev-slider.min.css?ver=6.5.4
5.101.153.136200 OK 190 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/int-rev-slider.min.css?ver=6.5.4
IP 5.101.153.136:0
Hash 017e12c7003e08aa14fb09e800d6f316
ecdab606f0fc3fb0b878536bc83e5d3ab4de80cf
ce38d29c0ff8ef74f6ad4ad5a30126996d77383d667184d72281acec9157d1ba
GET /wp-content/themes/woodmart/css/parts/int-rev-slider.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-11d"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/base-deprecated.min.css?ver=6.5.4
5.101.153.136200 OK 454 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/base-deprecated.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1212)
Hash 7be1c48ec4ce07816195d1c04e076328
d9a1e1b5fafb1e12ad39765a037e1019586cf93a
e8233e5ffdf9b2c298c5570925590a03d3e2a8a9c6feebef1ef08d5940dc779f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/base-deprecated.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-4bd"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/int-wpb-base.min.css?ver=6.5.4
5.101.153.136200 OK 2.7 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/int-wpb-base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (14824)
Hash feafa05a6ad897cc3b5ab49b119864cb
99e1c9a5c61d56cd13bcc679aa9f8566bcd2a846
ccf7daaf602b24145e49fe36e7b15785f2d06625f1b8ec70215cf49285157883
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/int-wpb-base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-39e9"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/int-wpb-base-deprecated.min.css?ver=6.5.4
5.101.153.136200 OK 363 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/int-wpb-base-deprecated.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (833)
Hash d4f39220b8693432fe4bf3ee79fd2ab9
e481f523516c585d4ef1a0204be01d8fde52a4db
ef17e038be6ef9a4ecdc1ecb615ef39fcc9d2a45c487d69308aeff012fb90905
GET /wp-content/themes/woodmart/css/parts/int-wpb-base-deprecated.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-342"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/woo-opt-sticky-notices.min.css?ver=6.5.4
5.101.153.136200 OK 790 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/woo-opt-sticky-notices.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (3195)
Hash d8901aeaa3cdc1a044b15ef45b51496a
5990cd67d86b05ae6d9ed48d689ce63e5bea5e8f
805d3fb784953917db21205306438498b9fa717fe90596a272806779c121a46d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/woo-opt-sticky-notices.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d10-c7c"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
push.services.mozilla.com/
52.89.136.7101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /pyp2b+Ce5FVoep/2Xa/LQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pxP/fZ76Cj4rZeelQObO7jGMRzk=
rec39.ru/wp-content/themes/woodmart/css/parts/header-base.min.css?ver=6.5.4
5.101.153.136200 OK 2.5 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/header-base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (9951)
Hash 4585434c3d2e440e9ac1b7017ed3c0c7
c2f271bb4ea9a720ef47ab19613d555d6fd277a8
965351dd3ec4bacc9e4b58b24bfc9dc97862f7e85df166a23768ff0cd21d8cd1
GET /wp-content/themes/woodmart/css/parts/header-base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-26e0"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/mod-tools.min.css?ver=6.5.4
5.101.153.136200 OK 842 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/mod-tools.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (3678)
Hash 9cf576b30cfc071bfc5709d366dde07d
7c6b6f375a98b1e73d91fce665559f8d3e5417f9
145fe5d948315df02d52c08769d6af622ffc10b03ea2c93ecfb5f42319348af1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/mod-tools.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-e5f"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/header-el-base.min.css?ver=6.5.4
5.101.153.136200 OK 813 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/header-el-base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2450)
Hash 82752f632708c893991daae012303fed
59e26ae20b3f1fd3933f0cd033338f495888dd73
8ea466e544b9b2bdf682164468fb68df2a67b3729f6c3f5a05bf757dc362698f
GET /wp-content/themes/woodmart/css/parts/header-el-base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0e-993"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/el-list.min.css?ver=6.5.4
5.101.153.136200 OK 450 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/el-list.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1037)
Hash 612d97899d9ff457fb6d11b2dbf144b5
130777b4e2bea02cda9bd6c392c7767405c288e6
66584d65cdf2600ef23decb0a05b58ea9bff675340ea627e8d78064c3bdca264
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/el-list.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-40e"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/header-el-search.min.css?ver=6.5.4
5.101.153.136200 OK 349 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/header-el-search.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (883)
Hash b279aa85d965830a62b8301d0c825e6d
f1091bce365878e2974ae55bc5bce25e1ad21302
a47756b0bea5ff623ce24ca15032a87737aecb3240bd496a2907476c9690889b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/header-el-search.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-374"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/wd-search-form.min.css?ver=6.5.4
5.101.153.136200 OK 516 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/wd-search-form.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1264)
Hash 16c89a1b9b117dc4e6145d01b11a6835
a04737eccc7e0b8c72d629b34f1667f2fae01308
31fa67b763839b39db7bfce9701f5684b1d7676f59e878dc94e3a699bdb159d2
GET /wp-content/themes/woodmart/css/parts/wd-search-form.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-4f1"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/el-info-box.min.css?ver=6.5.4
5.101.153.136200 OK 1.4 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/el-info-box.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (5590)
Hash 00be5d8e04c79e92e6c8fb8bde87aa8a
31eb412e71c5d0d283ff68889d6d90ce105d81e2
127d2ae6312baf7eb076054d1c8414e6e496aea843b067b0d6846e7dbeb0af3d
GET /wp-content/themes/woodmart/css/parts/el-info-box.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-15d7"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/page-title.min.css?ver=6.5.4
5.101.153.136200 OK 263 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/page-title.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (564)
Hash bc72f475ef050efd38ba9e805efce46e
882282ba646fd8de832ebe7c4a9da224dfa47fbf
3338ea75efd6f61c160ac7c923695d7f288304b44cdbd3bf31092fb385600766
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/page-title.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-235"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css?ver=6.5.4
5.101.153.136200 OK 933 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2777)
Hash 176717d401bdcb536e82cce66f1520a6
cd95d013fc19bee225266649b43f5c80d58644ee
00902b70b2e48162854e680b781d0cc7a816054c95ec833953db770ed2ef69ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-ada"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/uploads/2022/09/xts-theme_settings_default-1664375034.css?ver=6.5.4
5.101.153.136200 OK 1.7 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2022/09/xts-theme_settings_default-1664375034.css?ver=6.5.4
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 8e348efc2b1e8a854205791ed934b410
05fb3c40cc12474ddade4f4993387f66101e2d2d
996696c6e89d3b74c22926f2e9656a7cc533de1050966d304816a9e81146a8d4
GET /wp-content/uploads/2022/09/xts-theme_settings_default-1664375034.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Sep 2022 14:23:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"633458fa-15db"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/footer-base.min.css?ver=6.5.4
5.101.153.136200 OK 445 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/footer-base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1137)
Hash 68649c8e64deb38f29c07a9a04a3af19
7bad5f9f70e73dd5a24b3915a7eaf488f802f933
0ff737f0d1a7d4acbcd4a9f7a50ba659b765f06ddfb4c9778a9851d9e48e5678
GET /wp-content/themes/woodmart/css/parts/footer-base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-472"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css?ver=6.5.4
5.101.153.136200 OK 434 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (773)
Hash 0b710f6af5c860da06fcbe46424dc9f3
da587ca05a10813d23be662820c4aaf98e019c8d
9f8b23eb27ad512992f73eb5cde8604f52adb4076dd3c940fd8026b527cefd15
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-306"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/uploads/2022/09/xts-default_header-1664374368.css?ver=6.5.4
5.101.153.136200 OK 382 B URL HTTP/1.1 rec39.ru/wp-content/uploads/2022/09/xts-default_header-1664374368.css?ver=6.5.4
IP 5.101.153.136:0
Hash e8537ac8626cfc1ec17135f61cda484e
364096976d968ea81020002eb43e59324692a669
41f8d293434ddac7ff04d3530bac9ff9cd599fec4a0cc14fb24d07c97247c449
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/09/xts-default_header-1664374368.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Sep 2022 14:12:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"63345660-569"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
5.101.153.136200 OK 4.2 kB URL HTTP/1.1 rec39.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 5.101.153.136:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Sat, 14 Aug 2021 10:59:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6117a208-2bd8"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/js/core.js?ver=16.26.5
5.101.153.136200 OK 11 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/js/core.js?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a13586477b6512367a26846d91b38241
22515a5c6cc63390d1b451b0564d6f1ee2f01992
b04284f21fd28c0830c74cf96c13105c53d2e9b16691c670ddef555cf64ca650
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/js/core.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-c285"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
5.101.153.136200 OK 31 kB URL HTTP/1.1 rec39.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (65447)
Hash 7a6e4a1e4a67fac0cd39ca1dd1982f47
a8bf880e5db17a703293d5a3c92623a97d5a1df1
daf4bcb15594deb268cc05f030ccaf8dfe4acab417758dd16a6f3b2d86d2908f
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Sat, 14 Aug 2021 10:59:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6117a208-15db1"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/js/scripts.js?ver=16.26.5
5.101.153.136200 OK 3.5 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/js/scripts.js?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash e86d348c1f7b6ac51dd25242c0ec84b9
07a3ad28ade22161908de1cde8def51d2853052e
2f4bf97811488105ba6f7fad4fafa79d73d5e614eb0220bc9dd9f220211ebfda
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/js/scripts.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-41f6"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/add-on/rcl-chat/js/scripts.js?ver=16.26.5
5.101.153.136200 OK 3.2 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/add-on/rcl-chat/js/scripts.js?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 171f19851ef89505a28e02647a809af7
a45911f72fc992c10f67a15a2a5f3b40acd97829
b0817c990af22558fab8f1509f0ccf879842a20bf52bbebda777b73f3f3f6146
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/add-on/rcl-chat/js/scripts.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-3b3a"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/wp-recall/add-on/rcl-meter/script.js?ver=16.26.5
5.101.153.136200 OK 683 B URL HTTP/1.1 rec39.ru/wp-content/wp-recall/add-on/rcl-meter/script.js?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 1b4f75991e3aa9fe8e58804eefeac63a
9c83183b48fbc4e7dfe2559e11a82ce309db8de2
f3ffa99c00e473566dc2a1a9f8adc2a0009da64057e936bbb91c9c0f391f292c
GET /wp-content/wp-recall/add-on/rcl-meter/script.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-85c"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/libs/device.min.js?ver=6.5.4
5.101.153.136200 OK 1.2 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/libs/device.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (3151), with no line terminators
Hash 2267d8acacaecf7867f8d38b1949d93e
1b94638a5917b6608384be96c1dc78d5060557af
97cba6ce5e73962896583d51887a3b54d6efeebe04f8d402a593e451989e49de
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/libs/device.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d12-c4f"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7
5.101.153.136200 OK 12 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7
IP 5.101.153.136:0
File type ASCII text, with very long lines (65371)
Hash 8aa6d8325b5ce94322bb3fd921f056ed
180cdfa6c966171ce9b34cbdb1d624498da56c47
5a9f23f67e30f17ef3b392bbe6cec645e3bbebf2014e0e09f297798771510f05
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:53:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e53-130fd"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/css/users.css?ver=16.26.5
5.101.153.136200 OK 1.9 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/css/users.css?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash c97d528edf3421acbb3b0fce5545c865
85284b37c748e17d5db0d77932119102f97ba431
809c0160e0bf910176700a709e74576e4efe7f0313ce84c261d7cf218e9ff22f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/css/users.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-1ee8"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
5.101.153.136200 OK 12 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (56243)
Hash f771dbdd9681b64d656183eb350dc09e
efc6709e6cec4368c4988d4c620b0dc48803c21c
aafcb9e5e135f0f640629553d25afa9fc37720fa56aa4500806a0371bf3f513d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:50:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d96-dc69"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0
5.101.153.136200 OK 4.3 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (34217)
Hash d1d42379d4a36c5f8a9bc16a89820fc5
ce05f997d3d48167bf92c5f5b3b47b8fe91a792c
2dbed6fc600b202f49ffcd8b3365b596b82572c4cd3919ed12c35d53b2a7928f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:50:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d96-865f"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=6.3.303
5.101.153.136200 OK 18 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=6.3.303
IP 5.101.153.136:0
File type ASCII text, with very long lines (65312), with CRLF line terminators
Hash 804359452a1ef91474c2d089a008ab96
1c72950f5891764b3df11d0081ce8a8340995549
0382ac6e311b26effef2fa8e8bd3b90cc3dd328c10637f2d8ec7f18aaa5e2bfa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=6.3.303 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74ae2-15c89"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.15
5.101.153.136200 OK 12 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.15
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 962158aabd558aac1a1baf0d7f3f477c
94347e9ff810c42a7c177655dd7f4b3dd0017f38
750e1901fd9ee9fe3a2093a7911d1119c552f151dbfd4db6b2836e9eebb8c273
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.15 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Thu, 03 Feb 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61fbb8d5-e168"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.7.1
5.101.153.136200 OK 20 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.7.1
IP 5.101.153.136:0
File type ASCII text, with very long lines (42477)
Hash c62c050d3ae6b57c6a5579a8e948048b
471f7b6e2af693f8db999798370d67cbba888881
6baa518f7c4588999bbc7b5f8d4400e1e3055e24afdd8cc05b437155456c7d59
GET /wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.7.1 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-11a48"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7
5.101.153.136200 OK 6.7 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7
IP 5.101.153.136:0
File type ASCII text, with very long lines (12198), with CRLF line terminators
Hash 10d768f8f12adcdeceddb54303dd283b
8d23a348de31d7338d6b22951a33ffb64c90f537
11d69f24d8cc25e88c432214dee653a3ccecacc23f6702cfa9c5654f3922ae80
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:53:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e53-5b20"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.7.1
5.101.153.136200 OK 46 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.7.1
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with very long lines (32126), with CRLF line terminators
Hash 63bcc734ebbff5d2e86b7a1b1b08c016
bfa28d4546ce5b3f520dd3bcd7555dd469294286
4f73e8b1819cc652dc8600eea8c440eaae2b9b0a8912f9a19f1184b407100c2b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.7.1 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-2748c"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
5.101.153.136200 OK 5.7 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (20096)
Hash 6a46964d8aaeced5805cfb291866d890
4111db3ee9237bc00bfbc3226c5e1c159797f745
3113f8b9c24fbe5a7d312fe8dade72688778ff4d5c2a71cda8e22381938d3493
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:50:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d95-4f5b"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.15
5.101.153.136200 OK 49 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.15
IP 5.101.153.136:0
File type ASCII text, with very long lines (45108)
Hash 76cc5ab7ff972e06e1796a9f458fb772
ef6d2420735a5587cee8957589bb2c6848ea8610
9144d244895706574d3e0755ec970ae01e80a7157c5a13dd4465591b0d2b883c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.15 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 03 Feb 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61fbb8d5-1f69c"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/libs/cookie.min.js?ver=6.5.4
5.101.153.136200 OK 865 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/libs/cookie.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1668), with no line terminators
Hash 07f8234563435e91169452af4ef95f6f
6dbda7ef1cc42022a4b09fd091ddfe4bdaccb3e2
5df04af23b2ffce7e96a5421f58f3b974f7113f16547ba4849f3ff6d3d855eb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/libs/cookie.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d12-684"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/wc/woocommerceNotices.min.js?ver=6.5.4
5.101.153.136200 OK 286 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/wc/woocommerceNotices.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (485), with no line terminators
Hash 1391fd419273db97dd4c0cfc30f2ec42
4803b49c9e834c1aecd0633fd72157c9cd9d746c
ba55588fa2cbb96ff100f4087951954ac36dc472a1a2508c1eb4afec18c0d67f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/wc/woocommerceNotices.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-1e5"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 17:24:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rec39.ru/wp-content/themes/woodmart/js/scripts/global/helpers.min.js?ver=6.5.4
5.101.153.136200 OK 1.7 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/global/helpers.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (5154), with no line terminators
Hash 87a559e00f65e8b2eaba6eae9fe5a683
4d44420a21fe58e4a2f6e36c90355793b8fba763
de65ccaf693a96cbbdbac13f99c4c051483a04ac1c5dd999ea7bec7f11978846
GET /wp-content/themes/woodmart/js/scripts/global/helpers.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-1422"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/global/scrollBar.min.js?ver=6.5.4
5.101.153.136200 OK 154 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/global/scrollBar.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with no line terminators
Hash 706e2eb2b3f3065ac1ed5f3e1ae93edb
94ce3a8b8db5167e14dfaf2319379e4f509f7f9a
f571fab264a01990e84844c89557463d04746a2e05de7d8801ff0295b9700216
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/global/scrollBar.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-d7"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/header/headerBuilder.min.js?ver=6.5.4
5.101.153.136200 OK 930 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/header/headerBuilder.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2331), with no line terminators
Hash c07ac6394547a5ed0c56b3d6071e2d94
7a0b66028034d29b3002acc0e9eaebd5fb4f648c
c022cfabebf0677f99dec0882047b085b390ebd0a5f36a04b3b575739045101e
GET /wp-content/themes/woodmart/js/scripts/header/headerBuilder.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-91b"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/libs/magnific-popup.min.js?ver=6.5.4
5.101.153.136200 OK 7.5 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/libs/magnific-popup.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (20636), with no line terminators
Hash 9aa529ee4e656d1ac9e64e0a02bfcb52
f1ff04af4984fda176a0afdd0e5c6104d22cf512
bd606ea8d6d691e495a4df98ba6016904fb1a919bbf43ceef88f0698f35dd45e
GET /wp-content/themes/woodmart/js/libs/magnific-popup.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-509c"
Expires: Sun, 30 Oct 2022 17:24:41 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/menu/menuOffsets.min.js?ver=6.5.4
5.101.153.136200 OK 895 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/menu/menuOffsets.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2576), with no line terminators
Hash 2a59a5c970960ed7ac64e413d3a79a1e
bd2ff72e9039886a5858938752551101d90a6565
d34a21265012f42ce9d8f7896e99614b1a220f563be5d56929da6da4406e088c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/menu/menuOffsets.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-a10"
Expires: Sun, 30 Oct 2022 17:24:41 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/menu/menuSetUp.min.js?ver=6.5.4
5.101.153.136200 OK 545 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/menu/menuSetUp.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1357), with no line terminators
Hash f64bf403c598eced3b1464cc523d63bc
8e59d3285e7b4a95ac0dd822d470691fba4d30f9
08798c3dc01aadb78662c8fdeb12763d44d8da8bff217db5fe1208c7201d493b
GET /wp-content/themes/woodmart/js/scripts/menu/menuSetUp.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-54d"
Expires: Sun, 30 Oct 2022 17:24:41 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/wp-recall/add-on/types-profile/js/scripts.js?ver=16.26.5
5.101.153.136200 OK 375 B URL HTTP/1.1 rec39.ru/wp-content/wp-recall/add-on/types-profile/js/scripts.js?ver=16.26.5
IP 5.101.153.136:0
Hash a0e63e379a709fa19a8b7856c8aa90ad
b7d3d86af78fb18ba36a98fa415a6b57af66c938
1e088b75082bd0d7fbecd4bc49a697bfed84ee7046906802c9e6f8a336079601
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/wp-recall/add-on/types-profile/js/scripts.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-4a4"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/elements/contentPopup.min.js?ver=6.5.4
5.101.153.136200 OK 367 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/elements/contentPopup.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (726), with no line terminators
Hash 69072a9579bd572db2a2e1e70b159e38
c45437dabaa3e182a3d0da669707d42e8e5950d8
a2e852c20a3fb64f3562c8e3ff350c83a05a98465833057bfa5e65741344d8c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/elements/contentPopup.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-2d6"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 17:24:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rec39.ru/wp-content/themes/woodmart/js/scripts/menu/mobileNavigation.min.js?ver=6.5.4
5.101.153.136200 OK 622 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/menu/mobileNavigation.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2083), with no line terminators
Hash c93b07255b1dd5668804a10bb897108f
72f9f0826003d6565bd326944ef263e02b7e86fc
da762e24ab36db97891031f37de00346d0917def1688b9cf905e6d755c030772
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/menu/mobileNavigation.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-823"
Expires: Sun, 30 Oct 2022 17:24:41 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/super-forms/assets/js/common.js?ver=6.3.303
5.101.153.136200 OK 78 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/js/common.js?ver=6.3.303
IP 5.101.153.136:0
File type ASCII text, with very long lines (6498), with CRLF line terminators
Hash 2c083603b666642dc0522e0f4f95ca6b
71d5ebf0de24490543546696a14b3c5d6898f1b7
30f6089acea43725e75ee8b88869925d0bec86a257928ee8570b61f54e7759b7
GET /wp-content/plugins/super-forms/assets/js/common.js?ver=6.3.303 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74ae2-6dba6"
Expires: Sun, 30 Oct 2022 17:24:41 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=6.3.303
5.101.153.136200 OK 22 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=6.3.303
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with very long lines (367), with CRLF line terminators
Hash e3bfcafd207fcd38b40d69d60fd87d63
9721212911513976032cd0533d7ab3eae6f2990c
e5f364019e471e3ffac845986e0190fec9ec061cf8b9d69341e5b6f475179ea6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=6.3.303 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74ae2-37d7d"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/global/scrollTop.min.js?ver=6.5.4
5.101.153.136200 OK 225 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/global/scrollTop.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (362), with no line terminators
Hash e15343da35239fcd1f62cc3c40515eef
d30820c10f45ad0010ab1901cb5e39e0a5ca1433
02752e1054c42247e562320beba57f584deb5a7b88bef3a34a73169e8e4aa189
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/global/scrollTop.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-16a"
Expires: Sun, 30 Oct 2022 17:24:41 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=6.3.303
5.101.153.136200 OK 554 B URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=6.3.303
IP 5.101.153.136:0
File type ASCII text, with CRLF line terminators
Hash 5c593abb9eaef07b4f692aab953d4434
776579be348bffa6420d49dde25edddeadce4f4c
c60a0f696d7f27ac630a26ad3d182fee6f4126eb223a71268c2eedb4199dfe14
GET /wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=6.3.303 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74ae2-58f"
Expires: Sun, 30 Oct 2022 17:24:41 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/uploads/2020/03/icon24-50x52.png
5.101.153.136200 OK 2.0 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/icon24-50x52.png
IP 5.101.153.136:0
File type PNG image data, 50 x 52, 8-bit colormap, non-interlaced\012- data
Hash 09cdb0e033207ce63027cdfbaba79482
fe21bde299fb6cb9265274950c1b78d670c9cd70
e1cdd0abaac360b84fda01b26c96cee40c7041944d93e3589441df708a3d48e9
GET /wp-content/uploads/2020/03/icon24-50x52.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: image/png
Content-Length: 1996
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-7cc"
Expires: Tue, 22 Nov 2022 17:24:41 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/uploads/2020/05/rjek-logo1.jpg
5.101.153.136200 OK 47 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/05/rjek-logo1.jpg
IP 5.101.153.136:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=2557, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2045], baseline, precision 8, 350x128, components 3\012- data
Hash 582b910477d5a94e7894b12ca0c7f798
ed2c1be4e5c82215971621116d824f733e72e835
f47c2beacfbf3206e19303157693ce4083dd98cb45c032bee120bc006c0c0f1c
GET /wp-content/uploads/2020/05/rjek-logo1.jpg HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: image/jpeg
Content-Length: 47010
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-b7a2"
Expires: Tue, 22 Nov 2022 17:24:41 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/uploads/2020/03/logo-1.png
5.101.153.136200 OK 26 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/logo-1.png
IP 5.101.153.136:0
File type PNG image data, 91 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash ff17c742867a6408d5f651879dfc2615
b76233e9129154a3cf710d8dcce5c7628b5f2641
6e54ebc68da5549befe9c7debeb0758d865a89bf257b6f931816aa66784636c0
GET /wp-content/uploads/2020/03/logo-1.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: image/png
Content-Length: 26427
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-673b"
Expires: Tue, 22 Nov 2022 17:24:41 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/uploads/2020/03/icon21-50x58.png
5.101.153.136200 OK 2.4 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/icon21-50x58.png
IP 5.101.153.136:0
File type PNG image data, 50 x 58, 8-bit colormap, non-interlaced\012- data
Hash a499f4f0cfbd7bb0178ecec44356717d
d08feb0bafc9c00640666c8042a7a01ea02e5e77
5e15d2035ac574354bfe27440472e417cba1eb067cd0a394ad80d31addc3f5b7
GET /wp-content/uploads/2020/03/icon21-50x58.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: image/png
Content-Length: 2364
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-93c"
Expires: Tue, 22 Nov 2022 17:24:41 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=6.3.303
5.101.153.136200 OK 28 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=6.3.303
IP 5.101.153.136:0
File type ASCII text, with CRLF line terminators
Hash 0e93c87f09d13d1a4219d32a8d2026dc
4952fd505fd599a1d3d23be05be983c2d4be7425
b2bc7a1af42e899e2ca811e131ce3cb67b45ea210df7d3b623153c273a1a5d5c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=6.3.303 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74ae2-29566"
Expires: Sun, 30 Oct 2022 17:24:41 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/uploads/2020/03/icon22-50x52.png
5.101.153.136200 OK 2.5 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/icon22-50x52.png
IP 5.101.153.136:0
File type PNG image data, 50 x 52, 8-bit colormap, non-interlaced\012- data
Hash da9f48b38b6f640c1e9e9cfb53341d21
b60416a414394292ef73a7eb0581e2d561561781
d4aac32d52d0c466480dd57d30aee3d0817bac6ee39cc2491b6b5e2ae8313a76
GET /wp-content/uploads/2020/03/icon22-50x52.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: image/png
Content-Length: 2509
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-9cd"
Expires: Tue, 22 Nov 2022 17:24:41 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/webfonts/fa-solid-900.woff2
5.101.153.136200 OK 127 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/webfonts/fa-solid-900.woff2
IP 5.101.153.136:0
File type Web Open Font Format (Version 2), TrueType, length 126828, version 768.256\012- data
Size 127 kB (126828 bytes)
Hash 297973a488f688271dd223d542ba2697
ed99d812e4c88826335f93acede3fad85c90fb54
1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/assets/css/fonts/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=6.3.303
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/font-woff2
Content-Length: 126828
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "62e74ae2-1ef6c"
Expires: Tue, 22 Nov 2022 17:24:41 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 17:24:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CPT+Sans%3A400%2C700&ver=6.5.4
142.250.74.10200 OK 12 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CPT+Sans%3A400%2C700&ver=6.5.4
IP 142.250.74.10:0
Hash 6391a0651710b482b03efb44009e4e2f
f676281805a05e18afa26b416a7ebacf13925648
e5bdfe267d797d33a070a5e0a564be7546a231d4ac3fdfaf0b729175a2790e6b
GET /css?family=Open+Sans%3A400%2C600%7CPT+Sans%3A400%2C700&ver=6.5.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rec39.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 17:24:41 GMT
date: Sun, 23 Oct 2022 17:24:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 17:24:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rec39.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:27:53 GMT
expires: Thu, 19 Oct 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 338208
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 17:24:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.195200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rec39.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:27:54 GMT
expires: Thu, 19 Oct 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 338207
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
216.58.207.195200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 29928, version 1.0\012- data
Hash 609bea65e2bf8ee9b728a85a8f1b282c
a0d2fbcf012e6554fb8cb182994ec8eb744ab65d
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rec39.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:39:27 GMT
expires: Thu, 19 Oct 2023 19:39:27 GMT
cache-control: public, max-age=31536000
age: 337514
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
216.58.207.195200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 26240, version 1.0\012- data
Hash 4a90976686fcbd8296c7d7fccc04c273
bcb82e93ac7ad1fa2af6a37009a200f79f4cb4e5
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rec39.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 19:01:39 GMT
expires: Tue, 17 Oct 2023 19:01:39 GMT
cache-control: public, max-age=31536000
age: 512582
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/rcl-awesome.woff2?7jdlrg
5.101.153.136200 OK 82 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/rcl-awesome.woff2?7jdlrg
IP 5.101.153.136:0
File type Web Open Font Format (Version 2), TrueType, length 81956, version 1.0\012- data
Hash 13e75de776e38401894a7cf7e3023e6e
8783423a4e01c58625e02747d7b1f08f576cf378
bc5c1ffb80e8c6b709daf7cd8f06a977335f3a35f90332e9bd9a5e605717ccfe
GET /wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/rcl-awesome.woff2?7jdlrg HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.5
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: application/font-woff2
Content-Length: 81956
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "62e74e68-14024"
Expires: Tue, 22 Nov 2022 17:24:41 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 17:24:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rec39.ru/wp-content/uploads/2020/03/icon231.png
5.101.153.136200 OK 3.7 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/icon231.png
IP 5.101.153.136:0
File type PNG image data, 54 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 8bea507841c6d9073757b7ebd200e1c7
31d13e2fea7452b028e941bd075b69b39f91d20e
8009a0f04c3dca8e8f0a510286122c8add0400ef8151b4fe8a518910e18a881d
GET /wp-content/uploads/2020/03/icon231.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: image/png
Content-Length: 3703
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-e77"
Expires: Tue, 22 Nov 2022 17:24:41 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/uploads/2021/08/re.png
5.101.153.136200 OK 9.7 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2021/08/re.png
IP 5.101.153.136:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 515ca37ae87342ad9da9b474fa737854
6962330afa1e914a074e2ec3583e6c2f02bb4a79
fc4c09022e18286a3575a8ab00cba38417a1af883304ac1bffe99c8654345db2
GET /wp-content/uploads/2021/08/re.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:41 GMT
Content-Type: image/png
Content-Length: 9740
Last-Modified: Sun, 15 Aug 2021 08:05:39 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "6118cad3-260c"
Expires: Tue, 22 Nov 2022 17:24:41 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9019
Expires: Sun, 23 Oct 2022 19:55:00 GMT
Date: Sun, 23 Oct 2022 17:24:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9019
Expires: Sun, 23 Oct 2022 19:55:00 GMT
Date: Sun, 23 Oct 2022 17:24:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9019
Expires: Sun, 23 Oct 2022 19:55:00 GMT
Date: Sun, 23 Oct 2022 17:24:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c95e4a-b411-4326-8723-bceab59b6d74.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c95e4a-b411-4326-8723-bceab59b6d74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fa30ef7eff515cfddf2f3b7ee67eb85
b488761c8ce781a44dcaf2e515ef548480dcd1bc
47c0e8ea9ef52c5d45dca54eb251d89983fba9937b7cf7872b065de04786f6ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c95e4a-b411-4326-8723-bceab59b6d74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8109
x-amzn-requestid: 39c9edcc-ea64-443e-82b3-230e41edbcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFhHBG_HoAMF7Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634baef9-7d6e66cd2012a3e8607f0d28;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:12:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BqGXfTDNR6-sNzqh1nIScjC2v2TCyOp0wY8AIXaKY3FdT4VH3ckBdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 00:13:12 GMT
age: 61889
etag: "b488761c8ce781a44dcaf2e515ef548480dcd1bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 208445a6f07a7259b8a420c062a81998
50d9f1642c3c47504fb2d4086a40ae8fb9479b50
607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12031
x-amzn-requestid: b15d6e4e-4880-4686-80c1-ba49f705631c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFgJtHZHoAMFsMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bad71-3ef572702125f3b32ceece12;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:06:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lH9TBIbvcDBvZlMi2a8yZ2iRcGCwJ7P0QoVvLVAjkCsVExNMi_UlRw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 10:35:08 GMT
age: 24573
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7d9a7abaf87962b855521efa710812f
a3e88fdb581161ee4a77a2e871b5dbf6438740ff
77c606ec418fdcf921011e7791c702a96ccb5ed9157988da3c7d9f2c460c2bbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10309
x-amzn-requestid: 440e8c86-be5e-47c5-8c91-a6b093b7077c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkTaoHWCIAMFwsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e65dd-7a06ea100494b8db4b76c4ec;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 05:21:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V-0zp4tJK8Px1D5JJkZ9h1HTzgCaTOeUhD4gikhRnorEGeujIHbf3A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:55:38 GMT
age: 70143
etag: "a3e88fdb581161ee4a77a2e871b5dbf6438740ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vP9aRT8xL5F2kf36A-lMaIQ9FSAEUGo8jmx9y63iIBDdyWYujkXXPw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:00:52 GMT
age: 69829
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5cf985ceb648df52d3cf5eb47c7705bc
8b0c5f567e25d9bf54263bb3c60b12db225feb81
9c8551a2d891562e12b9a30966dbd9221a041669db0cbb4395d6fa56791ef0dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8631
x-amzn-requestid: 536a4908-2fd7-4544-9159-ec2acc55a2bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRJZH2zoAMFYvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354623b-4d76adc023701d0228f951d1;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -Xf9fXAuwq_a1cPwa_4I-Qs3j9PXzsdsywN6dq3eynclAjSFjwDuLw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:42:04 GMT
age: 70957
etag: "8b0c5f567e25d9bf54263bb3c60b12db225feb81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bcadefe69587d4ab5bf5ff9e71eb5cab
066fb94a6ae38e57d67001cc319eea17f837d511
45b175a2cecee90b2d0efc16c4139686ffcf34bfac9084fe9e5e1c926dc1330c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10036
x-amzn-requestid: b1f0e0b9-6fc6-4b7c-a9b0-55845cdfd2d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abR9aEvjIAMF22Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63546388-72742b3a1279d76e2e842930;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 90q23XmFTygl90mCmT8p2Qi7BY2K2gjg3apZpTreMxYFpgT-716CDg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:45 GMT
age: 70436
etag: "066fb94a6ae38e57d67001cc319eea17f837d511"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rec39.ru/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.15
5.101.153.136200 OK 0 B URL HTTP/1.1 rec39.ru/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.15
IP 5.101.153.136:0
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.15 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/ea2901bd6122fa80d41ae118a24779bb/lakipakukasusejufun.pdf
Cookie: _sfs_id=63d5dbc20b87938e0d8dd72c400f09de2ecec63b2f5d43d3c00983a380403b3f1666545880
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sun, 23 Oct 2022 17:24:40 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 03 Feb 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61fbb8d5-5e26c"
Expires: Sun, 30 Oct 2022 17:24:40 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip