r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2578
Expires: Thu, 01 Sep 2022 03:57:12 GMT
Date: Thu, 01 Sep 2022 03:14:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 02:26:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0oW-6J5Q0RXUkUzdW8YjS5OJdj9l4t9WLdIsj_vK0aXvBXg-LnUdsA==
Age: 2841
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7Y6NZm3uPzn-fwNV-5FawDvQzx575hIkqaLhjPPxiAiWZSfgeBzCsA==
age: 7138
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:14:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
atma.rs/
88.99.35.48 301 Moved Permanently 0 B IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Sep 2022 03:14:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirect-By: WordPress
Location: http://www.atma.rs/
X-Powered-By: PHP/7.4.30, PleskLin
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 02:57:05 GMT
Expires: Thu, 01 Sep 2022 03:52:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YnmFefI2ii0hbxS8p5KFswNZZltqL3VwsSgp2a8jmqTlhkxIphAnvg==
Age: 1029
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:14:14 GMT
Last-Modified: Thu, 01 Sep 2022 02:17:47 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.42.211.151 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.211.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b1xxwr05uc2fqQXjs4+2zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PTJDO/RdmU4Nc4otvQpMgeO0GO4=
www.atma.rs/
88.99.35.48 200 OK 17 kB IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (16536), with CRLF, LF line terminators
Hash 8a5e393c67ab6cba61bc046bbde59135
91f9f7672f87c4833036aa8d665da6718f3f3984
981da1d5e73f6cc5355fa077375651fc8f0dd2ee4c30ae932ee658aaaf29f035
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 16877
Connection: keep-alive
Link: <http://www.atma.rs/wp-json/>; rel="https://api.w.org/", <http://www.atma.rs/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <http://www.atma.rs/>; rel=shortlink
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, s-maxage=10
X-Powered-By: PHP/7.4.30, PleskLin
fonts.googleapis.com/css?family=Raleway400%2C300%2C700%7CRaleway%7CRoboto%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C400%2C300%2C700%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRaleway%3A400%7CRaleway%3A300%7CRoboto%3A700%7CRoboto%3A300&ver=1.4.0
142.250.74.10 200 OK 928 B URL HTTP/1.1 fonts.googleapis.com/css?family=Raleway400%2C300%2C700%7CRaleway%7CRoboto%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C400%2C300%2C700%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRaleway%3A400%7CRaleway%3A300%7CRoboto%3A700%7CRoboto%3A300&ver=1.4.0
IP 142.250.74.10:0
Hash a32209b747d5746e74e41361e19abc3c
fad8c22a52a8460e61009bc14f2ee9eac05cdbb5
16a5a9c5c84d9f7dcef87df5f6218113a937147b75e36d999869f63b440f2194
GET /css?family=Raleway400%2C300%2C700%7CRaleway%7CRoboto%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C400%2C300%2C700%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRaleway%3A400%7CRaleway%3A300%7CRoboto%3A700%7CRoboto%3A300&ver=1.4.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 01 Sep 2022 03:14:15 GMT
Date: Thu, 01 Sep 2022 03:14:15 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.atma.rs/wp-includes/css/dist/block-library/A.style.min.css,qver=5.7.7.pagespeed.cf.XRz6SezAMZ.css
88.99.35.48 200 OK 8.6 kB URL HTTP/1.1 www.atma.rs/wp-includes/css/dist/block-library/A.style.min.css,qver=5.7.7.pagespeed.cf.XRz6SezAMZ.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (57951), with no line terminators
Hash 8d755d9a690d24d02a2b11dc7b30140e
04d8d7ef29df58ccef601795ac6e57cfc5147204
0ce63bef60ebe63fef0779e4178c2b6bde8f55f38a4d9f1b1d44f7f0a5c8d516
GET /wp-includes/css/dist/block-library/A.style.min.css,qver=5.7.7.pagespeed.cf.XRz6SezAMZ.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 8631
Connection: keep-alive
Accept-Ranges: bytes
X-Original-Content-Length: 58171
Expires: Fri, 01 Sep 2023 03:14:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Last-Modified: Thu, 01 Sep 2022 03:14:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
www.atma.rs/wp-content/plugins/cryout-serious-slider/resources/A.style.css,qver=1.2.1.pagespeed.cf.gg6cm-J4rP.css
88.99.35.48 200 OK 4.2 kB URL HTTP/1.1 www.atma.rs/wp-content/plugins/cryout-serious-slider/resources/A.style.css,qver=1.2.1.pagespeed.cf.gg6cm-J4rP.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (26914)
Hash 3d731693f465a6bd7e0b589d76496faa
2b0fb70b7c3fa21b9466df4d7e6fe706b018b88a
305c49132b031a6fe821fc41d31053e3404d2b151f9496433884b089abb6aa31
GET /wp-content/plugins/cryout-serious-slider/resources/A.style.css,qver=1.2.1.pagespeed.cf.gg6cm-J4rP.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 4160
Connection: keep-alive
Accept-Ranges: bytes
X-Original-Content-Length: 42443
Expires: Fri, 01 Sep 2023 03:14:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Last-Modified: Thu, 01 Sep 2022 03:14:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
www.atma.rs/wp-content/plugins/visualcomposer/public/dist/front.bundle.css,qver=35.1.pagespeed.ce.HPyAPM5Z5C.css
88.99.35.48 200 OK 856 B URL HTTP/1.1 www.atma.rs/wp-content/plugins/visualcomposer/public/dist/front.bundle.css,qver=35.1.pagespeed.ce.HPyAPM5Z5C.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (16506), with no line terminators
Hash dd16a35f4173f5913271570b1b0df0e7
ba8bc26de5e557abe640a3d5ac4ef1796d824be7
f043138cd35199e803b37ec8247ab599f980a60d41b8648a68924c7218d4e115
GET /wp-content/plugins/visualcomposer/public/dist/front.bundle.css,qver=35.1.pagespeed.ce.HPyAPM5Z5C.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 856
Connection: keep-alive
Accept-Ranges: bytes
X-Original-Content-Length: 16506
Last-Modified: Fri, 12 Mar 2021 18:50:36 GMT
Expires: Fri, 01 Sep 2023 03:14:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
www.atma.rs/wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.jm.Ws-UgblvVg.js
88.99.35.48 200 OK 11 kB URL HTTP/1.1 www.atma.rs/wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.jm.Ws-UgblvVg.js
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.jm.Ws-UgblvVg.js HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 11224
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 19:27:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 11224
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/plugins/cryout-serious-slider/resources/jquery.mobile.custom.min.js,qver==1.2.1+slider.js,qver==1.2.1.pagespeed.jc.2DCoiEtEdi.js
88.99.35.48 200 OK 8.1 kB URL HTTP/1.1 www.atma.rs/wp-content/plugins/cryout-serious-slider/resources/jquery.mobile.custom.min.js,qver==1.2.1+slider.js,qver==1.2.1.pagespeed.jc.2DCoiEtEdi.js
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (18066)
Hash ce15c682c83d02ed1d950e3c42a4aef0
f27f69597df5e10459b3d482e73a1950dc904e1a
a1f9e04f1a1aefc343acb32e00781de7e96cdd4442602cc60fc7e518a3ab95c8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cryout-serious-slider/resources/jquery.mobile.custom.min.js,qver==1.2.1+slider.js,qver==1.2.1.pagespeed.jc.2DCoiEtEdi.js HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 8083
Connection: keep-alive
Accept-Ranges: bytes
Expires: Fri, 01 Sep 2023 03:14:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Last-Modified: Thu, 01 Sep 2022 03:14:15 GMT
X-Original-Content-Length: 28235
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
www.atma.rs/wp-includes/js/imagesloaded.min.js,qver=4.1.4.pagespeed.jm.JhF2ZrNsYa.js
88.99.35.48 200 OK 1.7 kB URL HTTP/1.1 www.atma.rs/wp-includes/js/imagesloaded.min.js,qver=4.1.4.pagespeed.jm.JhF2ZrNsYa.js
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (5477), with no line terminators
Hash 13e673c992e47c54d4172e9b69958209
8c062f5b90736e87598082a864088b5456a52ead
5e2c6958e806c2c93bf91d5432fd1b94596706dab06a976e072d05f969252fb5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js,qver=4.1.4.pagespeed.jm.JhF2ZrNsYa.js HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 1723
Connection: keep-alive
Accept-Ranges: bytes
X-Original-Content-Length: 5629
Expires: Fri, 01 Sep 2023 03:14:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Last-Modified: Thu, 01 Sep 2022 03:14:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
www.atma.rs/wp-includes/js/masonry.min.js,qver=4.2.2.pagespeed.jm.R3ua-Jd9xm.js
88.99.35.48 200 OK 7.3 kB URL HTTP/1.1 www.atma.rs/wp-includes/js/masonry.min.js,qver=4.2.2.pagespeed.jm.R3ua-Jd9xm.js
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (23966), with no line terminators
Hash c79102d5e7dc1f4ec5b9df7cc84fc275
eb68845abe08c017584d5784436140dd908712f2
f7a949695fedb26f2159a44db3f036b8d3dae818a11cadefe032fa7a9fc79d6d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/masonry.min.js,qver=4.2.2.pagespeed.jm.R3ua-Jd9xm.js HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 7260
Connection: keep-alive
Accept-Ranges: bytes
X-Original-Content-Length: 24138
Expires: Fri, 01 Sep 2023 03:14:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Last-Modified: Thu, 01 Sep 2022 03:14:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
www.atma.rs/wp-content/plugins,_visualcomposer,_public,_dist,_front.bundle.js,qver==35.1+plugins,_visualcomposer,_public,_dist,_runtime.bundle.js,qver==35.1+uploads,_visualcomposer-assets,_elements,_googleMaps,_googleMaps,_public,_dist,_googleMaps.min.js,qver==2.52-9.pagespeed.jc.6ee7ZoY-9L.js
88.99.35.48 200 OK 4.7 kB URL HTTP/1.1 www.atma.rs/wp-content/plugins,_visualcomposer,_public,_dist,_front.bundle.js,qver==35.1+plugins,_visualcomposer,_public,_dist,_runtime.bundle.js,qver==35.1+uploads,_visualcomposer-assets,_elements,_googleMaps,_googleMaps,_public,_dist,_googleMaps.min.js,qver==2.52-9.pagespeed.jc.6ee7ZoY-9L.js
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (18886)
Hash 3d60408fb03244a6787d6a14aa146582
8f830125039da30418a65436c1bb722590a9bea0
2d8f00425cec7789f6a427f20efa3603635201cd6801f33f48c6d9d5962e55d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins,_visualcomposer,_public,_dist,_front.bundle.js,qver==35.1+plugins,_visualcomposer,_public,_dist,_runtime.bundle.js,qver==35.1+uploads,_visualcomposer-assets,_elements,_googleMaps,_googleMaps,_public,_dist,_googleMaps.min.js,qver==2.52-9.pagespeed.jc.6ee7ZoY-9L.js HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 4693
Connection: keep-alive
Accept-Ranges: bytes
Expires: Fri, 01 Sep 2023 03:14:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Last-Modified: Thu, 01 Sep 2022 03:14:15 GMT
X-Original-Content-Length: 26845
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
www.atma.rs/wp-content/themes/anima/resources/js/frontend.js,qver=1.4.0.pagespeed.jm.k1Ifg5ZwwO.js
88.99.35.48 200 OK 3.9 kB URL HTTP/1.1 www.atma.rs/wp-content/themes/anima/resources/js/frontend.js,qver=1.4.0.pagespeed.jm.k1Ifg5ZwwO.js
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (13024), with no line terminators
Hash deb183013020a0bdbb27228632108400
1c6430185763176352956d88975231802c8faf2d
21b2a5f3f84dc5c2034bc8996f97c5e6508f1bd2366b6f332cbf40e26742b5ff
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/anima/resources/js/frontend.js,qver=1.4.0.pagespeed.jm.k1Ifg5ZwwO.js HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 3878
Connection: keep-alive
Accept-Ranges: bytes
X-Original-Content-Length: 19152
Expires: Fri, 01 Sep 2023 03:14:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Last-Modified: Thu, 01 Sep 2022 03:14:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
www.atma.rs/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7
88.99.35.48 200 OK 14 kB URL HTTP/1.1 www.atma.rs/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11272)
Hash eaa8641bcda2371f4024a71fbb67de3b
0e46c39d3821683c856605a82254115f9a6a7792
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.7 HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 14229
Last-Modified: Tue, 30 Aug 2022 19:27:35 GMT
Connection: keep-alive
Cache-Control: s-maxage=10
ETag: "630e64a7-3795"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.atma.rs/wp-content,_themes,_anima,_resources,_js,_ajax.js,qver==1.4.0+wp-includes,_js,_wp-embed.min.js,qver==5.7.7.pagespeed.jc.xmAhYYT_Qj.js
88.99.35.48 200 OK 1.3 kB URL HTTP/1.1 www.atma.rs/wp-content,_themes,_anima,_resources,_js,_ajax.js,qver==1.4.0+wp-includes,_js,_wp-embed.min.js,qver==5.7.7.pagespeed.jc.xmAhYYT_Qj.js
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1800)
Hash 4ee2ab3d2fa336233e8ad61106e818cc
58e585491577bce339f2c902369e9b55c1d46b1d
8ee6f546a1a3edadda9b71ea8698ac452a3ee3dcea63a73c7a5b827e3c80aa6e
Analyzer Verdict Alert fortinet Malware
GET /wp-content,_themes,_anima,_resources,_js,_ajax.js,qver==1.4.0+wp-includes,_js,_wp-embed.min.js,qver==5.7.7.pagespeed.jc.xmAhYYT_Qj.js HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 1297
Connection: keep-alive
Accept-Ranges: bytes
Expires: Fri, 01 Sep 2023 03:14:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Last-Modified: Thu, 01 Sep 2022 03:14:15 GMT
X-Original-Content-Length: 5199
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
www.atma.rs/wp-includes/js/comment-reply.min.js,qver=5.7.7.pagespeed.jm.CQSp7cnmX8.js
88.99.35.48 200 OK 3.0 kB URL HTTP/1.1 www.atma.rs/wp-includes/js/comment-reply.min.js,qver=5.7.7.pagespeed.jm.CQSp7cnmX8.js
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
Hash 3b59c3b33879d70b46063089ec505e03
4054dbf1c08e09d8514df72dbe137d02efae907a
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js,qver=5.7.7.pagespeed.jm.CQSp7cnmX8.js HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 2984
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 08:47:05 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 2984
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e09d49105d6be5f3e0b14c00f426fd8
f74bb03d763eb00c5f5ab78a714963c463d1e64f
cd81c573065ab62a53184e5f4c06f54a7c57adfad6ffae67aafafe2980aa26d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD81C573065AB62A53184E5F4C06F54A7C57ADFAD6FFAE67AAFAFE2980AA26D6"
Last-Modified: Wed, 31 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Thu, 01 Sep 2022 07:17:10 GMT
Date: Thu, 01 Sep 2022 03:14:15 GMT
Connection: keep-alive
call.greengoplatform.com/robots.js?vs=1.0.1
91.211.91.112 200 OK 573 B URL HTTP/1.1 call.greengoplatform.com/robots.js?vs=1.0.1
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (2348), with no line terminators
Hash 2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef
Analyzer Verdict Alert fortinet Malware
GET /robots.js?vs=1.0.1 HTTP/1.1
Host: call.greengoplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.atma.rs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
simple.cofounderspecials.com/tag.js
91.211.91.114 200 OK 47 kB URL HTTP/2 simple.cofounderspecials.com/tag.js
IP 91.211.91.114:0
ASN #206638 PE Brezhnev Daniil
Hash ec97eeb03a177f721b280e07100f4a94
566192e97069e555799c5ba29508adbf4527285d
4737a8d68203c02dbb996d298e41d4dbabf97dfc043583431308443255113f48
GET /tag.js HTTP/1.1
Host: simple.cofounderspecials.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.atma.rs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:14:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 31 Aug 2022 20:16:49 GMT
vary: Accept-Encoding
etag: W/"630fc1b1-92c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyCMIT5lu.woff2
142.250.74.163 200 OK 30 kB URL HTTP/1.1 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyCMIT5lu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30448, version 1.0, data
Hash f6a5275600e3447cfa07e0ee749c765b
c5b0110362478148228002baf85595775cf53fd1
ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf
GET /s/raleway/v28/1Ptug8zYS_SKggPNyCMIT5lu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.atma.rs
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30448
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 30 Aug 2022 15:20:01 GMT
Expires: Wed, 30 Aug 2023 15:20:01 GMT
Cache-Control: public, max-age=31536000
Age: 129254
Last-Modified: Mon, 18 Jul 2022 20:08:52 GMT
Content-Type: font/woff2
www.atma.rs/wp-includes/js/jquery/jquery.min.js,qver=3.5.1.pagespeed.jm.buo63cp1wa.js
88.99.35.48 200 OK 29 kB URL HTTP/1.1 www.atma.rs/wp-includes/js/jquery/jquery.min.js,qver=3.5.1.pagespeed.jm.buo63cp1wa.js
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
Hash 1ca1eac66fd5ca4ebd659c6e0b6c9f2a
3d041ce385201926c46d4b839fcc431a8c05007c
aaa9773b93a3381be7042aae6d60f4af2812204d4dd2dc18d75e8049699dd39d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js,qver=3.5.1.pagespeed.jm.buo63cp1wa.js HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: application/javascript
Content-Length: 89496
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 19:27:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 89496
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2019/12/xlogo-1-1.png.pagespeed.ic.2ENRas0HFP.png
88.99.35.48 200 OK 16 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2019/12/xlogo-1-1.png.pagespeed.ic.2ENRas0HFP.png
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 164 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash 82967884c82991f2ba1522ef74e4128c
99d4867d17db536c3ec4169b88ac9c240bb498e8
0c53f8cdc1996c4a7324f8fb5c740fcd8e40ec0a89aa480dd97a985e6ba9fb62
GET /wp-content/uploads/2019/12/xlogo-1-1.png.pagespeed.ic.2ENRas0HFP.png HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: image/png
Content-Length: 15840
Connection: keep-alive
Last-Modified: Thu, 11 Mar 2021 00:04:30 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2019/12/logo-1-1.png>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2018/03/xatma_002.jpg.pagespeed.ic.HpDyvKzgpS.webp
88.99.35.48 200 OK 28 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/03/xatma_002.jpg.pagespeed.ic.HpDyvKzgpS.webp
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x309, components 3\012- data
Hash 92bfff54ca044780ea145547c38cf76c
584883cabc0164c72a8a58069917c1973ae52f38
1edb28118f78add98996809c479507b5d4f7f22ada6d8057f2935dad8850dba7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/03/xatma_002.jpg.pagespeed.ic.HpDyvKzgpS.webp HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: image/jpeg
Content-Length: 28079
Connection: keep-alive
Last-Modified: Tue, 13 Mar 2018 19:43:02 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2018/03/atma_002.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2019/05/xm_TOPS_nova_boja_logo_1_1-433x350.jpg.pagespeed.ic.U5V3Ko1XMm.webp
88.99.35.48 200 OK 32 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2019/05/xm_TOPS_nova_boja_logo_1_1-433x350.jpg.pagespeed.ic.U5V3Ko1XMm.webp
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 433x350, components 3\012- data
Hash 0d9ea4350404edfd67f95f901acc2a88
3661089cb974c6a71837179c7142a96a8259f9ae
ff9d829653b9aec52f2431ba3200b4eddbe75a0eaea7639bd2b2c5a17c0bef01
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2019/05/xm_TOPS_nova_boja_logo_1_1-433x350.jpg.pagespeed.ic.U5V3Ko1XMm.webp HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: image/jpeg
Content-Length: 32106
Connection: keep-alive
Last-Modified: Thu, 11 Mar 2021 00:04:30 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2019/05/m_TOPS_nova_boja_logo_1_1-433x350.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2018/03/xas1_2019-460x400.jpg.pagespeed.ic.jIVpMUtWd_.webp
88.99.35.48 200 OK 28 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/03/xas1_2019-460x400.jpg.pagespeed.ic.jIVpMUtWd_.webp
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 460x400, components 3\012- data
Hash 110f659807cb3f467346434e46cc0713
cac5b97168e80037eda212532b13b4dcb211f9b3
bfe4e39190d094951284c46170e57a74c08688e66bb8aff7f837be8fd72672b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/03/xas1_2019-460x400.jpg.pagespeed.ic.jIVpMUtWd_.webp HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: image/jpeg
Content-Length: 27608
Connection: keep-alive
Last-Modified: Wed, 07 Mar 2018 14:45:17 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2018/03/as1_2019-460x400.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f89ba976a74ff83160c2cc0b64162a66
825f8342c73925833bcad054c394a6348b19f629
1b14729500fa338a2ffb77074d9cad4b2650777aa21c69b9c30335aafe1cebc6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B14729500FA338A2FFB77074D9CAD4B2650777AA21C69B9C30335AAFE1CEBC6"
Last-Modified: Thu, 01 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21551
Expires: Thu, 01 Sep 2022 09:13:27 GMT
Date: Thu, 01 Sep 2022 03:14:16 GMT
Connection: keep-alive
www.atma.rs/wp-content/uploads/2019/04/xseebbe_2018logo_1280x853-1-433x350.png.pagespeed.ic.vC2wd5FV6s.png
88.99.35.48 200 OK 81 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2019/04/xseebbe_2018logo_1280x853-1-433x350.png.pagespeed.ic.vC2wd5FV6s.png
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 433 x 350, 8-bit/color RGBA, non-interlaced\012- data
Hash 6270c3436e00a6e00b1329dcfd3a2c51
4fdecad3739df6c6f3719e6f422cb07c7bf95ec7
cecb55a3a41f1b9c6f2a8ed51afb601f874769bfbc4b01517ca0b1fb4fe43a76
GET /wp-content/uploads/2019/04/xseebbe_2018logo_1280x853-1-433x350.png.pagespeed.ic.vC2wd5FV6s.png HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: image/png
Content-Length: 80552
Connection: keep-alive
Last-Modified: Thu, 11 Mar 2021 00:04:30 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2019/04/seebbe_2018logo_1280x853-1-433x350.png>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2018/03/xas1_2238-460x400.jpg.pagespeed.ic.NsqusTJd7J.webp
88.99.35.48 200 OK 59 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/03/xas1_2238-460x400.jpg.pagespeed.ic.NsqusTJd7J.webp
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 460x400, components 3\012- data
Hash a8dcc22a1631d995661df682e1013732
f5fce90b3e961e9c89f7cdc618fa60260aeab947
e3a1d34c14ba2e7c7d2cccec25a7805ebe751b3befe69b6ed1354b1f1688961f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/03/xas1_2238-460x400.jpg.pagespeed.ic.NsqusTJd7J.webp HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: image/jpeg
Content-Length: 58611
Connection: keep-alive
Last-Modified: Wed, 07 Mar 2018 14:41:49 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2018/03/as1_2238-460x400.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2018/12/xcropped-Atma-Logo-300a.png.pagespeed.ic.icZgRVT-Cd.png
88.99.35.48 200 OK 15 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/12/xcropped-Atma-Logo-300a.png.pagespeed.ic.icZgRVT-Cd.png
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 300 x 291, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e07606ec19be8a21f0dfbceebe3af7f
3daba6c570994220b38a9532f8f279c2731c3945
669bf6001abe9a660ceec0971e926063e4b4bbb080d8f42d2feaa6d32b8d8fca
GET /wp-content/uploads/2018/12/xcropped-Atma-Logo-300a.png.pagespeed.ic.icZgRVT-Cd.png HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: image/png
Content-Length: 15393
Connection: keep-alive
Last-Modified: Thu, 11 Mar 2021 00:04:30 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2018/12/cropped-Atma-Logo-300a.png>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2018/03/xatma_004.jpg.pagespeed.ic.WEVk9h6z0e.webp
88.99.35.48 200 OK 44 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/03/xatma_004.jpg.pagespeed.ic.WEVk9h6z0e.webp
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x309, components 3\012- data
Hash 2408ea281cc04b2b0842410912efc55f
cb830558b33e04c3a236eb16d6589c43bc2b98b7
b3bb8ebe2ef1e751f40ba348074fef9150aa25fdcd3472fffe9f27daef44cd73
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/03/xatma_004.jpg.pagespeed.ic.WEVk9h6z0e.webp HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: image/jpeg
Content-Length: 44197
Connection: keep-alive
Last-Modified: Tue, 13 Mar 2018 19:49:34 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2018/03/atma_004.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2018/03/xatma_001a.jpg.pagespeed.ic.IRpEp_IdXW.webp
88.99.35.48 200 OK 78 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/03/xatma_001a.jpg.pagespeed.ic.IRpEp_IdXW.webp
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2018:03:27 13:30:35, copyright=FotoS 069/670-970], baseline, precision 8, 700x309, components 3\012- data
Hash 33a10e3691e872850c79fd6ea8c351b8
509700b709490ccb2ef4b27cfc3259945b20ee3b
a88e717d2ce55117dc382fdb59715b840808c2fefcaed1e44abccaa36b6c93dd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/03/xatma_001a.jpg.pagespeed.ic.IRpEp_IdXW.webp HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: image/jpeg
Content-Length: 77757
Connection: keep-alive
Last-Modified: Thu, 11 Mar 2021 00:04:29 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2018/03/atma_001a.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2018/03/xas1_1980-460x400.jpg.pagespeed.ic.9n141cEfTx.webp
88.99.35.48 200 OK 25 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/03/xas1_1980-460x400.jpg.pagespeed.ic.9n141cEfTx.webp
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 460x400, components 3\012- data
Hash 68a39cd9d80d82e5e01ff6a6a1ecf05c
9ff696491e7c8472498307bba02a26e75040dc55
b8e65493f89c5e49020b2e20d937e253d12efc2f771b97d91beadb8f244053a3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/03/xas1_1980-460x400.jpg.pagespeed.ic.9n141cEfTx.webp HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: image/jpeg
Content-Length: 25329
Connection: keep-alive
Last-Modified: Wed, 07 Mar 2018 14:35:53 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2018/03/as1_1980-460x400.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2018/03/xatma_003.jpg.pagespeed.ic.UBy3jVMDfc.webp
88.99.35.48 200 OK 23 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/03/xatma_003.jpg.pagespeed.ic.UBy3jVMDfc.webp
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x309, components 3\012- data
Hash ae81e8f03bd16e6564f7991296e289e0
031df77557ac8e473b8f186098d3080341305ab9
d45d758cc625ec0fd8ca40391c71a506d3521c2bc39740713d74b9dfbe283ec4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/03/xatma_003.jpg.pagespeed.ic.UBy3jVMDfc.webp HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: image/jpeg
Content-Length: 22848
Connection: keep-alive
Last-Modified: Tue, 13 Mar 2018 19:51:53 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2018/03/atma_003.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/uploads/2018/01/xatma_005.jpg.pagespeed.ic.aY-1w4mcWD.webp
88.99.35.48 200 OK 102 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/01/xatma_005.jpg.pagespeed.ic.aY-1w4mcWD.webp
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=FotoS 069/670-970 ], baseline, precision 8, 700x309, components 3\012- data
Size 102 kB (101908 bytes)
Hash 2cef1c3d74211e191da7279a42d73df9
dd1dd05522347ff8c9a09dfe55a74eeab7dcdab9
46121d2d66cb611d7723783bc8e5ef818bb5e5ad67fdfb076d91f22cdd74f332
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/01/xatma_005.jpg.pagespeed.ic.aY-1w4mcWD.webp HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: image/jpeg
Content-Length: 101908
Connection: keep-alive
Last-Modified: Thu, 25 Jan 2018 13:21:23 GMT
Accept-Ranges: bytes
Link: <http://www.atma.rs/wp-content/uploads/2018/01/atma_005.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
clark.cofounderspecials.com/special.js?v=2.200
91.211.91.112 200 OK 573 B URL HTTP/1.1 clark.cofounderspecials.com/special.js?v=2.200
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (2348), with no line terminators
Hash 2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef
GET /special.js?v=2.200 HTTP/1.1
Host: clark.cofounderspecials.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.atma.rs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
host3.mbstehnika.rs/atmanovi/wp-content/uploads/2018/03/zaglavlje3.png
88.99.35.48 200 OK 1.2 MB URL HTTP/1.1 host3.mbstehnika.rs/atmanovi/wp-content/uploads/2018/03/zaglavlje3.png
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1600 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1202008 bytes)
Hash 8973a70397eefb0b35839a2399d04942
1075294db73c2be1b7504bbf4b5116e93a457cee
9ced0d3612b2c16b1859b45e0eb59a082833cadde9adf41bd3683168711acc62
GET /atmanovi/wp-content/uploads/2018/03/zaglavlje3.png HTTP/1.1
Host: host3.mbstehnika.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: image/png
Content-Length: 1202008
Last-Modified: Wed, 20 May 2020 11:30:25 GMT
Connection: keep-alive
ETag: "5ec514d1-125758"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3212
Expires: Thu, 01 Sep 2022 04:07:48 GMT
Date: Thu, 01 Sep 2022 03:14:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0d8ed4b8bda662c244b9d26cf143147
151395a70faa075762664fc6cd52a65004b5c81c
49b381815612b7ecb021f243438aae99e399993d91fb38bf5d7bb3d357519d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9152
x-amzn-requestid: 12c7a724-7c66-488e-b1c4-ac222ed4e5aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3i5H6sIAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2df-0fc85d8539d761367b821823;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _j9qaEvy56YyK9qz0CaE2IO9_yEsoM7RIhO_5gddryb3pgOdOmH-OA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:15 GMT
age: 20221
etag: "151395a70faa075762664fc6cd52a65004b5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mDad6prX28HjnDw7hq0B9vE_BaX9qqrjaOo7A46jhu2S505prB5SJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:11 GMT
age: 20225
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda44a2d-49bb-4976-9f1b-f5040f20fde7.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda44a2d-49bb-4976-9f1b-f5040f20fde7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5462f9cd42022db20960e7e427a3435b
46c5459c2180470d9ef093e0462864a50aecec04
7a5d4e5f5640ea5e11e5ef09404c6c5c1b35274749a7008b8012c5596193e2d4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda44a2d-49bb-4976-9f1b-f5040f20fde7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7037
x-amzn-requestid: 87fe6c4c-b2f0-4253-a49a-9b7dbb25489e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdMltH-AIAMF8VQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63085af1-32d919c1565746a82988166d;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 05:32:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yB5TgpNE5V24NkbNVTQfwNxn-IVjGcs3CamGNlabOvnFxMoR_yzX5w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 15:14:38 GMT
age: 43178
etag: "46c5459c2180470d9ef093e0462864a50aecec04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35c8a1f0-6f7f-4b0f-baea-84eaeec25782.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35c8a1f0-6f7f-4b0f-baea-84eaeec25782.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bb15bd7bc4dd59e28a1066c8e67751e
d0a18577ff979c34c4f1e45515542c8b12c8b0e3
e1297a01a214f262b14cd04ebaafd913e4c9f09bd86dbeac600db57f39f51077
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35c8a1f0-6f7f-4b0f-baea-84eaeec25782.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10508
x-amzn-requestid: ff89b1da-4384-4787-844f-a7a65fb20b51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdacUE8tIAMF3QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6308711b-7d09607973e1755d34aa0184;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:07:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f5RXilXHrfdz2NOuDKn7vHXcpiqi-dPc5ig0OqEP3Playiz3DT4tgg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 13:08:33 GMT
age: 50743
etag: "d0a18577ff979c34c4f1e45515542c8b12c8b0e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qYh5Pc0cx8--7rIjlMt8IhDKNDMnZEpC_7xfNBIJxWllyLcG9Eh6xg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 04:03:39 GMT
age: 83437
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.atma.rs/wp-content/uploads/visualcomposer-assets/assets-bundles/A.30e2fe11f468160ffdcaec9015593d5a.source.css,qver=35.1.30e2fe11f468160ffdcaec9015593d5a-9.pagespeed.cf.wTeW_9PzXc.css
88.99.35.48 200 OK 24 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/visualcomposer-assets/assets-bundles/A.30e2fe11f468160ffdcaec9015593d5a.source.css,qver=35.1.30e2fe11f468160ffdcaec9015593d5a-9.pagespeed.cf.wTeW_9PzXc.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
Hash f5ea8e05ad3811391cd5e8571dafad4f
ce5a600752b081196688a21eb527f0fc8887ae84
534bea12cf6980ef8b4e536952ba59ee295d12ca9516a50cb441fa31d4124275
GET /wp-content/uploads/visualcomposer-assets/assets-bundles/A.30e2fe11f468160ffdcaec9015593d5a.source.css,qver=35.1.30e2fe11f468160ffdcaec9015593d5a-9.pagespeed.cf.wTeW_9PzXc.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 14382
Connection: keep-alive
Last-Modified: Fri, 12 Mar 2021 18:51:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 14382
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
clark.cofounderspecials.com/special.js?v=2.200
91.211.91.112 200 OK 573 B URL HTTP/1.1 clark.cofounderspecials.com/special.js?v=2.200
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (2348), with no line terminators
Hash 2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef
GET /special.js?v=2.200 HTTP/1.1
Host: clark.cofounderspecials.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.atma.rs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
clark.cofounderspecials.com/special.js?v=2.200
91.211.91.112 200 OK 573 B URL HTTP/1.1 clark.cofounderspecials.com/special.js?v=2.200
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (2348), with no line terminators
Hash 2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef
GET /special.js?v=2.200 HTTP/1.1
Host: clark.cofounderspecials.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.atma.rs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
clark.cofounderspecials.com/special.js?v=2.200
91.211.91.112 200 OK 573 B URL HTTP/1.1 clark.cofounderspecials.com/special.js?v=2.200
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (2348), with no line terminators
Hash 2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef
GET /special.js?v=2.200 HTTP/1.1
Host: clark.cofounderspecials.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.atma.rs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.atma.rs/wp-content/plugins/cryout-serious-slider/resources/fonts/serioussliderglyphs.ttf?ap45ke
88.99.35.48 200 OK 2.6 kB URL HTTP/1.1 www.atma.rs/wp-content/plugins/cryout-serious-slider/resources/fonts/serioussliderglyphs.ttf?ap45ke
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, serioussliderglyphs\012- data
Hash f641b5a802513e5548d0d515664ae243
f78887cc9cc514b574d0b7ddbf230cb2862fafb8
ed1ad62d87d14636258a0e8c38a9954d146daba68d7ffc03036cd0997bfd68c7
GET /wp-content/plugins/cryout-serious-slider/resources/fonts/serioussliderglyphs.ttf?ap45ke HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/wp-content/plugins/cryout-serious-slider/resources/A.style.css,qver=1.2.1.pagespeed.cf.gg6cm-J4rP.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: application/font-sfnt
Content-Length: 2624
Last-Modified: Fri, 12 Mar 2021 18:50:21 GMT
Connection: keep-alive
Cache-Control: s-maxage=10
ETag: "604bb7ed-a40"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.atma.rs/wp-content/uploads/2018/01/atma_001.jpg
88.99.35.48 200 OK 136 kB URL HTTP/1.1 www.atma.rs/wp-content/uploads/2018/01/atma_001.jpg
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=FotoS 069/670-970 ], baseline, precision 8, 700x309, components 3\012- data
Size 136 kB (136453 bytes)
Hash 4e72e2fb28c5eac69ffae906d2c4c624
fd7dd781598b91522749ff27a766878e7de59c67
9737e8204d722fb65411f754f13071accd9f1f83f0697888d5830bdd5a47eeb4
GET /wp-content/uploads/2018/01/atma_001.jpg HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: image/jpeg
Content-Length: 136453
Last-Modified: Thu, 25 Jan 2018 13:21:21 GMT
Connection: keep-alive
Cache-Control: s-maxage=10
ETag: "5a69d9d1-21505"
X-Powered-By: PleskLin
Accept-Ranges: bytes
clark.cofounderspecials.com/special.js?v=2.200
91.211.91.112 200 OK 573 B URL HTTP/1.1 clark.cofounderspecials.com/special.js?v=2.200
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (2348), with no line terminators
Hash 2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef
GET /special.js?v=2.200 HTTP/1.1
Host: clark.cofounderspecials.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.atma.rs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1b4a73637dd140aa2a59daa477faa306
7375e688e33e8398841e96d1d8d5a80885a7f744
95be73fc23236be733bc5de76f214a6c9efddf515d7479e1391e95ee1c09441c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:14:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
away.bettershitecolumn.com/away.php?id=98&kid=3467-23&sid=884578-34-76987-11
91.211.91.104 302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/away.php?id=98&kid=3467-23&sid=884578-34-76987-11
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /away.php?id=98&kid=3467-23&sid=884578-34-76987-11 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.atma.rs/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 01 Sep 2022 03:14:17 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
x-powered-by: PHP/7.3.33
access-control-allow-origin: *
set-cookie: qwerty_away.php=0; expires=Fri, 02-Sep-2022 03:14:17 GMT; Max-Age=86400; path=/
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
91.211.91.104 302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track.php?aid=98823&uid=46536-433-636474-23 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.atma.rs/
Connection: keep-alive
Cookie: qwerty_away.php=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 01 Sep 2022 03:14:18 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
91.211.91.104 200 OK 840 B URL HTTP/2 away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6842883f30ea856aa4cf73faa5430ca7
04cf91d5f26404985cf4ce42713dbc38166b4fcf
59ea7eef33594cf319a56c75476b431a00e40390e8c2d825d0fa8d97a2b792c5
GET /track.php?tid=54889&lid=9554-66-457679-29 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.atma.rs/
Connection: keep-alive
Cookie: qwerty_away.php=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:14:18 GMT
content-type: text/html; charset=UTF-8
content-length: 840
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6e9902e585d584cf9d211658b2ed1e48
26a2ff7d5adf76044ecb5c0572826eea671bc59e
c214ad017a48eb478ed087db5e67566476ac314af4b91b4b18c856c9ab4d877e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C214AD017A48EB478ED087DB5E67566476AC314AF4B91B4B18C856C9AB4D877E"
Last-Modified: Wed, 31 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11828
Expires: Thu, 01 Sep 2022 06:31:27 GMT
Date: Thu, 01 Sep 2022 03:14:19 GMT
Connection: keep-alive
blueskyactivecontrol.com/?p=gm2gezrzhe5gi3bpg42daoi&sub2=Vtrain5
185.177.94.108 200 OK 53 kB URL HTTP/2 blueskyactivecontrol.com/?p=gm2gezrzhe5gi3bpg42daoi&sub2=Vtrain5
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (29334)
Hash 7eb4e2024c7fcb595abaf766ad3f9fa7
dd949dc07a44147814676b7fe0ee5345f8c9fac7
727a6c72f45b1647349c0b428d6f1a1e1d14601d98fb63b0d57f65d00e235f2a
GET /?p=gm2gezrzhe5gi3bpg42daoi&sub2=Vtrain5 HTTP/1.1
Host: blueskyactivecontrol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:14:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46; expires=Sat, 01-Oct-2022 03:14:19 GMT; Max-Age=2592000; path=/; domain=blueskyactivecontrol.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
blueskyactivecontrol.com/favicon.ico
185.177.94.108 204 No Content 0 B URL HTTP/2 blueskyactivecontrol.com/favicon.ico
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: blueskyactivecontrol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blueskyactivecontrol.com/?p=gm2gezrzhe5gi3bpg42daoi&sub2=Vtrain5
Cookie: uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 01 Sep 2022 03:14:19 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2968880f18bdd79799eec1766e6ae183
bae542e1521cec5b9cd9e36e93280b7d751915db
1d86dc23188c1ee53726416e742929415bd761373e7748e3e6cc3217421b91a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D86DC23188C1EE53726416E742929415BD761373E7748E3E6CC3217421B91A8"
Last-Modified: Tue, 30 Aug 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2731
Expires: Thu, 01 Sep 2022 03:59:50 GMT
Date: Thu, 01 Sep 2022 03:14:19 GMT
Connection: keep-alive
oo00.biz/sw/w1s.js
195.154.49.166 200 OK 1.4 kB IP 195.154.49.166:0
Hash e1d7abfb31d91b534fe467bc1357a55b
b2ec87e57c6ac82c5e3bb5ce4bf2f6ca906c0116
820193bb899f5acd5beda1e0a2b0cc58fc80f741e776a3506348cdd2081dbb94
GET /sw/w1s.js HTTP/1.1
Host: oo00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blueskyactivecontrol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:14:19 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Fri, 01 Sep 2023 03:14:19 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
0.blueskyactivecontrol.com/favicon.ico
185.177.94.108 204 No Content 0 B URL HTTP/2 0.blueskyactivecontrol.com/favicon.ico
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 0.blueskyactivecontrol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskyactivecontrol.com/?p=gm2gezrzhe5gi3bpg42daoi&sub2=Vtrain5
Cookie: uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46; uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 01 Sep 2022 03:14:20 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
0.blueskyactivecontrol.com/w66899721.js
185.177.94.108 304 Not Modified 0 B URL HTTP/2 0.blueskyactivecontrol.com/w66899721.js
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w66899721.js HTTP/1.1
Host: 0.blueskyactivecontrol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46; uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46; uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 27 Jul 2022 05:35:25 GMT
If-None-Match: "62e0ce9d-31"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Sep 2022 03:14:21 GMT
last-modified: Wed, 27 Jul 2022 05:35:25 GMT
etag: "62e0ce9d-31"
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2968880f18bdd79799eec1766e6ae183
bae542e1521cec5b9cd9e36e93280b7d751915db
1d86dc23188c1ee53726416e742929415bd761373e7748e3e6cc3217421b91a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D86DC23188C1EE53726416E742929415BD761373E7748E3E6CC3217421B91A8"
Last-Modified: Tue, 30 Aug 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2729
Expires: Thu, 01 Sep 2022 03:59:50 GMT
Date: Thu, 01 Sep 2022 03:14:21 GMT
Connection: keep-alive
www.atma.rs/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/A.v4-shims.min.css,qver=2.10.4.pagespeed.cf.0XlImbwfpC.css
88.99.35.48 200 OK 0 B URL HTTP/1.1 www.atma.rs/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/A.v4-shims.min.css,qver=2.10.4.pagespeed.cf.0XlImbwfpC.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/A.v4-shims.min.css,qver=2.10.4.pagespeed.cf.0XlImbwfpC.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 26702
Connection: keep-alive
Last-Modified: Fri, 12 Mar 2021 18:50:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 26702
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/plugins/mega-addons-for-visual-composer/css/A.ihover.css,qver=5.7.7.pagespeed.cf.B4HnDs5Kyt.css
88.99.35.48 200 OK 0 B URL HTTP/1.1 www.atma.rs/wp-content/plugins/mega-addons-for-visual-composer/css/A.ihover.css,qver=5.7.7.pagespeed.cf.B4HnDs5Kyt.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/mega-addons-for-visual-composer/css/A.ihover.css,qver=5.7.7.pagespeed.cf.B4HnDs5Kyt.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 152689
Connection: keep-alive
Last-Modified: Fri, 12 Mar 2021 18:50:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 152689
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
0.blueskyactivecontrol.com/?p=gm2gezrzhe5gi3bpg42daoi&sub2=Vtrain5
185.177.94.108 200 OK 0 B URL HTTP/2 0.blueskyactivecontrol.com/?p=gm2gezrzhe5gi3bpg42daoi&sub2=Vtrain5
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
GET /?p=gm2gezrzhe5gi3bpg42daoi&sub2=Vtrain5 HTTP/1.1
Host: 0.blueskyactivecontrol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blueskyactivecontrol.com/
Cookie: uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:14:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46; expires=Sat, 01-Oct-2022 03:14:19 GMT; Max-Age=2592000; path=/; domain=0.blueskyactivecontrol.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
0.blueskyactivecontrol.com/?auf=gjqtimzsmy5diojygyxtonbqhextemrpge3dmmrqgazdanjz&s=1&sub1=&sub2=Vtrain5&sub3=&sub4=&cpc=0&cpm=0
185.177.94.108 200 OK 0 B URL HTTP/2 0.blueskyactivecontrol.com/?auf=gjqtimzsmy5diojygyxtonbqhextemrpge3dmmrqgazdanjz&s=1&sub1=&sub2=Vtrain5&sub3=&sub4=&cpc=0&cpm=0
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
GET /?auf=gjqtimzsmy5diojygyxtonbqhextemrpge3dmmrqgazdanjz&s=1&sub1=&sub2=Vtrain5&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1
Host: 0.blueskyactivecontrol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.blueskyactivecontrol.com/?p=gm2gezrzhe5gi3bpg42daoi&sub2=Vtrain5
Cookie: uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46; uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:14:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=44058a8b-d1b9-4e1f-890b-14d86d3a4a46; expires=Sat, 01-Oct-2022 03:14:20 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
www.atma.rs/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/A.all.min.css,qver=2.10.4.pagespeed.cf.DZzERmZbAt.css
88.99.35.48 200 OK 0 B URL HTTP/1.1 www.atma.rs/wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/A.all.min.css,qver=2.10.4.pagespeed.cf.DZzERmZbAt.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/themeisle-companion/obfx_modules/gutenberg-blocks/assets/fontawesome/css/A.all.min.css,qver=2.10.4.pagespeed.cf.DZzERmZbAt.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 58578
Connection: keep-alive
Last-Modified: Fri, 12 Mar 2021 18:50:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 58578
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/themes/anima/resources/fonts/A.fontfaces.css,qver=1.4.0.pagespeed.cf.cuvV4HSR0U.css
88.99.35.48 200 OK 0 B URL HTTP/1.1 www.atma.rs/wp-content/themes/anima/resources/fonts/A.fontfaces.css,qver=1.4.0.pagespeed.cf.cuvV4HSR0U.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/themes/anima/resources/fonts/A.fontfaces.css,qver=1.4.0.pagespeed.cf.cuvV4HSR0U.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 35454
Connection: keep-alive
Last-Modified: Fri, 12 Mar 2021 18:51:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 35454
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
www.atma.rs/wp-content/themes/anima/A.style.css,qver=1.4.0.pagespeed.cf.TpVl1piQ8-.css
88.99.35.48 200 OK 0 B URL HTTP/1.1 www.atma.rs/wp-content/themes/anima/A.style.css,qver=1.4.0.pagespeed.cf.TpVl1piQ8-.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/themes/anima/A.style.css,qver=1.4.0.pagespeed.cf.TpVl1piQ8-.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 124707
Connection: keep-alive
Last-Modified: Fri, 12 Mar 2021 18:51:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 124707
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin
load.bettershitecolumn.com/slash.js?v=0.9.7
91.211.91.104 200 OK 0 B URL HTTP/2 load.bettershitecolumn.com/slash.js?v=0.9.7
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
GET /slash.js?v=0.9.7 HTTP/1.1
Host: load.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.atma.rs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:14:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/7.3.33
access-control-allow-origin: *
set-cookie: qwerty_slash.js=0; expires=Fri, 02-Sep-2022 03:14:16 GMT; Max-Age=86400; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
www.atma.rs/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/A.all.css,qver=5.7.7.pagespeed.cf.aTE7L5PR_Z.css
88.99.35.48 200 OK 0 B URL HTTP/1.1 www.atma.rs/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/A.all.css,qver=5.7.7.pagespeed.cf.aTE7L5PR_Z.css
IP 88.99.35.48:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/A.all.css,qver=5.7.7.pagespeed.cf.aTE7L5PR_Z.css HTTP/1.1
Host: www.atma.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.atma.rs/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 03:14:15 GMT
Content-Type: text/css
Content-Length: 70756
Connection: keep-alive
Last-Modified: Fri, 12 Mar 2021 18:50:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Original-Content-Length: 70756
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Sep 2022 03:19:09 GMT
Cache-Control: max-age=300,private
X-Powered-By: PleskLin