firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 10:07:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YJUkZlbjdL_FFoBCqSihV3_BfEEokkfgat54cZs7EC76WF10t8-Z1w==
Age: 1487
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21146
Expires: Sun, 11 Sep 2022 16:24:47 GMT
Date: Sun, 11 Sep 2022 10:32:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: b6H-71aHw3oJX0yeapWWocsIIE08jMawjr2Pke3ke3_nc51lz6kT0Q==
age: 11709
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 10:32:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 09:56:07 GMT
Expires: Sun, 11 Sep 2022 10:23:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fRyZW3za9AgqE2Dc7ZcAKmFVEWFyKqL9PWCUMhwqcFzr7LeGMQ6g6A==
Age: 2175
educatiolines.com/index.php
200 OK 98 kB URL HTTP/1.1 educatiolines.com/index.php
IP
ASN #34300 Internet-Cosmos LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (549), with CRLF, CR, LF line terminators
Hash 37c32df4f921daba097dedf4d50744ff
a1897b24e203fd948a9a837435146695b3f1dc6c
9218005523ed540b17f9aab1b5cd02d1d7188553f2b163f656cb43a90b687f7a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /index.php HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
X-Powered-CMS: Bitrix Site Manager (b7ed0826e2a72f8a69bb45407432953b)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; path=/; HttpOnly
BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; expires=Wed, 06-Sep-2023 10:32:22 GMT; Max-Age=31104000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3936
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:22 GMT
Last-Modified: Sun, 11 Sep 2022 09:26:46 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Ubuntu:300italic,400italic,500italic,700italic,400,300,500,700subset=latin,cyrillic-ext
200 OK 821 B URL HTTP/1.1 fonts.googleapis.com/css?family=Ubuntu:300italic,400italic,500italic,700italic,400,300,500,700subset=latin,cyrillic-ext
IP
Hash fa68c0216205d4c62981bc5b1af28f9a
4270156f7e61b55a59fe97e65605b1536ac3c5a6
a04192006b140d1b2c78dabfe334c941d2b04ad8f54e3ae07c2e827c4885ac90
GET /css?family=Ubuntu:300italic,400italic,500italic,700italic,400,300,500,700subset=latin,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 11 Sep 2022 10:32:22 GMT
Date: Sun, 11 Sep 2022 10:32:22 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
educatiolines.com/bitrix/js/ui/fonts/opensans/ui.font.opensans.min.css?16614687552320
200 OK 300 B URL HTTP/1.1 educatiolines.com/bitrix/js/ui/fonts/opensans/ui.font.opensans.min.css?16614687552320
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (2320), with no line terminators
Hash 60896675242920ee18364a70f2637f2a
7c68d9b499fcfe97fe3102a086a3047d8476b0b9
86267291c3f4e2624b55ff2545466af06d82ef6fe484b4a48f54689d132bb494
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/js/ui/fonts/opensans/ui.font.opensans.min.css?16614687552320 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: text/css
Last-Modified: Thu, 25 Aug 2022 23:05:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63080053-910"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/css/arturgolubev.cookiealert/style.min.css?16614687503794
200 OK 767 B URL HTTP/1.1 educatiolines.com/bitrix/css/arturgolubev.cookiealert/style.min.css?16614687503794
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (3794), with no line terminators
Hash 72adeca58a8f7fb4f21814b2cbcea313
e8777b4f69038205a461a6884ddd4cbcb94ef226
0661725dde6a08d6fc7741ab036a2af1f4c8f92b6b10456385f8f1d99a24b78d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/css/arturgolubev.cookiealert/style.min.css?16614687503794 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: text/css
Last-Modified: Thu, 25 Aug 2022 23:05:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6308004e-ed2"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
educatiolines.com/bitrix/cache/js/s2/aspro_next/kernel_main/kernel_main_v1.js?1661486090152850
200 OK 36 kB URL HTTP/1.1 educatiolines.com/bitrix/cache/js/s2/aspro_next/kernel_main/kernel_main_v1.js?1661486090152850
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (51433)
Hash a9f643898e0cf857c793b51a92f145f0
4ab3f660dc5deed5a91edd7b7f9761094f56d75c
1f4e18a1f143935eb669c351cff8c324edefdac627d9a93699863c68d4d13a3f
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/cache/js/s2/aspro_next/kernel_main/kernel_main_v1.js?1661486090152850 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: application/javascript
Last-Modified: Fri, 26 Aug 2022 03:54:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6308440a-25512"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/js/pull/protobuf/protobuf.min.js?166146875676433
200 OK 22 kB URL HTTP/1.1 educatiolines.com/bitrix/js/pull/protobuf/protobuf.min.js?166146875676433
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 32e04357fd44f6c345bd57f22d708b93
24ae016a00785b0d42218df80665a3e4d863ee36
eda54f4ae9c6cf31708eb8d5b7517ffcf16766b5c2e7f50ec984f59727e8a782
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/js/pull/protobuf/protobuf.min.js?166146875676433 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63080054-12a91"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
educatiolines.com/bitrix/js/rest/client/rest.client.min.js?16614687669240
200 OK 3.2 kB URL HTTP/1.1 educatiolines.com/bitrix/js/rest/client/rest.client.min.js?16614687669240
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (9200)
Hash 5e4a0386cd6aabc11f11e371144a5bdb
1d1a6bf59b715a5eae5efa3ec78bf41ef430cea1
1f52075b2c3baa4b879b1541a09c05a04739bb28a50694a2ffdaae5eeef9e48d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/js/rest/client/rest.client.min.js?16614687669240 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:06:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6308005e-2418"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zsewy/W1+p+9WLU5Cl4lCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hb5zBen3TqatAJMkeiHULVtGosE=
educatiolines.com/bitrix/js/pull/client/pull.client.min.js?166146875644545
200 OK 11 kB URL HTTP/1.1 educatiolines.com/bitrix/js/pull/client/pull.client.min.js?166146875644545
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (44505)
Hash 4fd25fb05e7596c7eb1cb9fe4afb5633
fa633a38315d422e3e27dcc1e5bb53def16931e5
dd0a05b309324b1f2ab1e1f10ab0f7c283c8936343cba7431a1abbb2849abeec
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/js/pull/client/pull.client.min.js?166146875644545 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63080054-ae01"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/js/main/core/core.min.js?1661468758216224
200 OK 64 kB URL HTTP/1.1 educatiolines.com/bitrix/js/main/core/core.min.js?1661468758216224
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (65418)
Hash 9cc0a434339af9ffc04f7772882db28d
f9be38b589a999652fcbf145ef60e6843009fcc8
6ef04ae40425f8079c58475795dd0923a32cccf523c4a2a68b1ffc7de3372b24
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/js/main/core/core.min.js?1661468758216224 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:05:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63080056-34ca0"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/js/main/jquery/jquery-2.1.3.min.js?166146875884320
200 OK 30 kB URL HTTP/1.1 educatiolines.com/bitrix/js/main/jquery/jquery-2.1.3.min.js?166146875884320
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (32180)
Hash fd626082b663fc439928fcfc9235b435
5245fa3447561ce3f2394ac1236e5900db81d3b9
d15635e284a716d3c5c9564d2a70fd6889f23088bb07ab848f60bf6bf5b1e714
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/js/main/jquery/jquery-2.1.3.min.js?166146875884320 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:05:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63080056-14960"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/js/main/ajax.min.js?166146875822194
200 OK 5.9 kB URL HTTP/1.1 educatiolines.com/bitrix/js/main/ajax.min.js?166146875822194
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (22161)
Hash 55b5d726f8747b56053c4529d4938f78
2d8b2101eac05b5ccf4ecc5ed4e6feb5b4112fce
3176977e0adf73609e01b075191ba365de0ae1e7347a772836ba96e47ab453e4
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/js/main/ajax.min.js?166146875822194 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:05:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63080056-56b2"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/js/main/popup/dist/main.popup.bundle.min.js?166146875863284
200 OK 14 kB URL HTTP/1.1 educatiolines.com/bitrix/js/main/popup/dist/main.popup.bundle.min.js?166146875863284
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (63238)
Hash ca884483cd7e6b2ab08711c9b3ce76d4
0d27397f09920dfee9f97c272e56f7e05bbb1c39
d8e78b83bd1e370738fd219df1c64acbade2648d020543eae74ad003f76577a2
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/js/main/popup/dist/main.popup.bundle.min.js?166146875863284 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:22 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:05:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63080056-f734"
Expires: Mon, 12 Sep 2022 10:32:22 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/js/currency/currency-core/dist/currency-core.bundle.min.js?16614687662842
200 OK 1.0 kB URL HTTP/1.1 educatiolines.com/bitrix/js/currency/currency-core/dist/currency-core.bundle.min.js?16614687662842
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (2793)
Hash 9e522c97773e2d67b00f0779f77cd1aa
a5d82b32107d74d35d9a8b7ccaf441924473da13
c099e1146802154c1422ede7646899bfaaf9e900e0d1b5fd72330e8644e93864
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/js/currency/currency-core/dist/currency-core.bundle.min.js?16614687662842 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:06:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6308005e-b1a"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/js/currency/core_currency.min.js?1661468766833
200 OK 282 B URL HTTP/1.1 educatiolines.com/bitrix/js/currency/core_currency.min.js?1661468766833
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (791)
Hash cac288d874fec880d66b7a0538f4625d
049ac674cad7c3242717ac619d9a88aba5044f96
7379d5085813650d815dc04d0af92f01f8957b28054151cd5cc60245835459c5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/js/currency/core_currency.min.js?1661468766833 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:06:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6308005e-341"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/cache/js/s2/aspro_next/default_1599d2a8390f18affe0f263993326573/default_1599d2a8390f18affe0f263993326573_v1.js?16614714522623
200 OK 1.2 kB URL HTTP/1.1 educatiolines.com/bitrix/cache/js/s2/aspro_next/default_1599d2a8390f18affe0f263993326573/default_1599d2a8390f18affe0f263993326573_v1.js?16614714522623
IP
ASN #34300 Internet-Cosmos LLC
File type HTML document, ASCII text, with very long lines (2228)
Hash 93e33deedf35118112abb2b43be9a32e
cbcdae7afb44c75b095c90161a691ccde56cc7a8
0ec6884c7f8e6f655a0685276d158924b6bd992a5456d7db7634c390a4449a0e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/cache/js/s2/aspro_next/default_1599d2a8390f18affe0f263993326573/default_1599d2a8390f18affe0f263993326573_v1.js?16614714522623 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Aug 2022 23:50:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63080adc-a3f"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/js/main/popup/dist/main.popup.bundle.min.css?166146875823804
200 OK 5.5 kB URL HTTP/1.1 educatiolines.com/bitrix/js/main/popup/dist/main.popup.bundle.min.css?166146875823804
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (11383)
Hash 5dd56e13a94fdb89c46758b55d11cfd1
edba4b272ccae0df68da481ba9144c66bf852b50
61adade2ddb127c0d863d7609a5af6be03911a5b931fc90c4bc2b61accbde8c9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/js/main/popup/dist/main.popup.bundle.min.css?166146875823804 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: text/css
Last-Modified: Thu, 25 Aug 2022 23:05:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63080056-5cfc"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/cache/js/s2/aspro_next/template_15138c408dcd0023a1e038ce085c234a/template_15138c408dcd0023a1e038ce085c234a_v1.js?1661487144738731
200 OK 200 kB URL HTTP/1.1 educatiolines.com/bitrix/cache/js/s2/aspro_next/template_15138c408dcd0023a1e038ce085c234a/template_15138c408dcd0023a1e038ce085c234a_v1.js?1661487144738731
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (27674), with CRLF, LF line terminators
Size 200 kB (199777 bytes)
Hash f25f7d20a4cc21d6371e09bafd252f5f
30f605d019b0d4b1c211fbbcc720976aed7f0dfc
751f53318fd542be9285951a238a56c98f9650d0a57aa67c7a161c8fa9d9e7ba
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/cache/js/s2/aspro_next/template_15138c408dcd0023a1e038ce085c234a/template_15138c408dcd0023a1e038ce085c234a_v1.js?1661487144738731 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: application/javascript
Last-Modified: Fri, 26 Aug 2022 04:12:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63084828-b45ab"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
200 OK 197 kB URL HTTP/1.1 educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with very long lines (65212), with CRLF, LF line terminators
Size 197 kB (196737 bytes)
Hash cf43af7f01543f6d5e82c84c39407b08
3721ad3ac6d67b837ce7cf2a0f82985beb686d59
97eb32d814ba8e554c57850982b02ebe390705ca0fd11a9b5516f95a89f8c6d5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: text/css
Last-Modified: Fri, 26 Aug 2022 04:12:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63084828-10f7a5"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
educatiolines.com/upload/iblock/edf/h31l3tzmkfpr6gu2mwxdgleiwzv59yg2.png
200 OK 489 kB URL HTTP/1.1 educatiolines.com/upload/iblock/edf/h31l3tzmkfpr6gu2mwxdgleiwzv59yg2.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 705 x 565, 8-bit/color RGBA, non-interlaced\012- data
Size 489 kB (488971 bytes)
Hash 5192c57f9fd93b3db0073ade81263733
68b7168bdaa99ea4d1aa7fb419bbbd7494f73dcc
172d09cac97fdb752c873a02090e5b51959b3c753a6765fc2f62d284b902369b
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/edf/h31l3tzmkfpr6gu2mwxdgleiwzv59yg2.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/png
Content-Length: 488971
Last-Modified: Thu, 25 Aug 2022 23:09:18 GMT
Connection: keep-alive
ETag: "6308011e-7760b"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/5d2/pe9zahnh9omiz7arw6ltzbmi9a24smlb.png
200 OK 397 kB URL HTTP/1.1 educatiolines.com/upload/iblock/5d2/pe9zahnh9omiz7arw6ltzbmi9a24smlb.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 576 x 491, 8-bit/color RGBA, non-interlaced\012- data
Size 397 kB (397438 bytes)
Hash 897281f7d54d94b1f207713d71f3bc38
58366a79d33c719dc020b4ac44a3c453650d8a2b
a560f2bd45c4d12dcf346d71ca05e57f55e99aaa1c50f3075d751335e03e126f
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/5d2/pe9zahnh9omiz7arw6ltzbmi9a24smlb.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/png
Content-Length: 397438
Last-Modified: Thu, 25 Aug 2022 23:07:55 GMT
Connection: keep-alive
ETag: "630800cb-6107e"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
200 OK 30 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 29752
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 22:32:47 GMT
Expires: Thu, 07 Sep 2023 22:32:47 GMT
Cache-Control: public, max-age=31536000
Age: 302376
Last-Modified: Wed, 27 Apr 2022 17:05:11 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
200 OK 21 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20860, version 1.0\012- data
Hash 15b0d42b9ec6606a60edbdcced868466
73ca3f9f966f6722e78409b22db328ce4da475a9
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 20860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Sep 2022 02:26:52 GMT
Expires: Fri, 08 Sep 2023 02:26:52 GMT
Cache-Control: public, max-age=31536000
Age: 288331
Last-Modified: Wed, 27 Apr 2022 16:15:59 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
200 OK 35 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 34852
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 22:12:19 GMT
Expires: Thu, 07 Sep 2023 22:12:19 GMT
Cache-Control: public, max-age=31536000
Age: 303604
Last-Modified: Wed, 27 Apr 2022 16:31:23 GMT
Content-Type: font/woff2
educatiolines.com/upload/iblock/cdf/kcaikq9csmufrwbk2unz8u7nanuoy1sf.png
200 OK 586 kB URL HTTP/1.1 educatiolines.com/upload/iblock/cdf/kcaikq9csmufrwbk2unz8u7nanuoy1sf.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 750 x 565, 8-bit/color RGBA, non-interlaced\012- data
Size 586 kB (586095 bytes)
Hash 71d5baeab617497ab3a2f62ac00e184f
5aecfda99f4fcfd6398b7196a90cd7aba8aa307a
db62528b1004101cd0c9cbc35f9cdc7b6303f2bfc7ae54436db1da2ee70b8736
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/cdf/kcaikq9csmufrwbk2unz8u7nanuoy1sf.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/png
Content-Length: 586095
Last-Modified: Thu, 25 Aug 2022 23:10:08 GMT
Connection: keep-alive
ETag: "63080150-8f16f"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
200 OK 18 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18200, version 1.0\012- data
Hash 8c7519686a5ddf20a3981e660a5f2610
3e0d73d14e4892b36fb5c6a9854c7d2e6bec005a
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 18200
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Sep 2022 02:32:28 GMT
Expires: Fri, 08 Sep 2023 02:32:28 GMT
Cache-Control: public, max-age=31536000
Age: 287995
Last-Modified: Wed, 27 Apr 2022 17:10:53 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2
200 OK 47 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46796, version 1.0\012- data
Hash 328da9d0efdf3626073910bfd379b2ff
e55f0b86555b18495045db12654779186c94f0a5
d9086c8c2ed7c9f988d63847cd89e81318c1e4ade2112969af26e5744a3bc7d7
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 46796
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Sep 2022 04:58:49 GMT
Expires: Fri, 08 Sep 2023 04:58:49 GMT
Cache-Control: public, max-age=31536000
Age: 279214
Last-Modified: Wed, 27 Apr 2022 16:31:24 GMT
Content-Type: font/woff2
educatiolines.com/upload/iblock/fb4/0szteayajzm9mzm53hibzlsfghagji31.png
200 OK 39 kB URL HTTP/1.1 educatiolines.com/upload/iblock/fb4/0szteayajzm9mzm53hibzlsfghagji31.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 550 x 357, 8-bit colormap, non-interlaced\012- data
Hash 0fa8d61c0eff100f7369abb885020e8b
50bfdf4dc0aeebde8ae9e2ff4f888af6bd91f0b8
6738702bde7c63ae739fa55da4b508504ce3c7882e609bca71cccc044d8b5857
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/fb4/0szteayajzm9mzm53hibzlsfghagji31.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/png
Content-Length: 38874
Last-Modified: Thu, 25 Aug 2022 23:10:52 GMT
Connection: keep-alive
ETag: "6308017c-97da"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/69b/6ufm8gxbz0wn9pbsiazlqp881200qqtk.png
200 OK 58 kB URL HTTP/1.1 educatiolines.com/upload/iblock/69b/6ufm8gxbz0wn9pbsiazlqp881200qqtk.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 576 x 491, 8-bit colormap, non-interlaced\012- data
Hash 3b7f5d49fc3b8beab8592996b1a45d23
9f01380ca149edff0ee9f33db95ac3a8832be3d2
bd73b3fd945ea7cf1184d72e375dce97a1a8276ac4f781598cf8fe07c9d7e195
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/69b/6ufm8gxbz0wn9pbsiazlqp881200qqtk.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/png
Content-Length: 58095
Last-Modified: Thu, 25 Aug 2022 23:10:46 GMT
Connection: keep-alive
ETag: "63080176-e2ef"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js?_=1662892332818
200 OK 1.3 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js?_=1662892332818
IP
File type ASCII text, with very long lines (2609)
Hash 9aa13215a4b43362e6d4d71b097323a9
c6427457c0e6abd73cfc54f1821f82ee8b385c49
f07e3968771541691260158753c08e386a0c7d9bd76c938ee502ed63ac8ba11c
GET /ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js?_=1662892332818 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1250
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03ec2-ad3"
Last-Modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 8179143
Expires: Fri, 01 Sep 2023 10:32:23 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCPipBi9kZisrvVUAIpwiy5dnVdn0BBV0HcByqwhfMvHs054rTYlFVIltAAmklpS%2FIFd6X0hMXI2xVIONZtrCxuDorbNJKnZHytGDndBLDFtHcMXNO54re7e4CnrsJsHS%2BSUwc%2Fh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748fbd3b7efeb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
educatiolines.com/bitrix/templates/aspro_next/vendor/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/vendor/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #34300 Internet-Cosmos LLC
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/vendor/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: font/woff2
Content-Length: 77160
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
ETag: "12d68-5e718d652ec6a"
Accept-Ranges: bytes
educatiolines.com/upload/iblock/550/0y1g074rmccf6o4je6sfpk8wdb8hd91a.png
200 OK 572 kB URL HTTP/1.1 educatiolines.com/upload/iblock/550/0y1g074rmccf6o4je6sfpk8wdb8hd91a.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 800 x 565, 8-bit/color RGBA, non-interlaced\012- data
Size 572 kB (571664 bytes)
Hash 013f22abbd383998542b9cc0a0b30096
6ece4c50f84abb6d05493807d39a8495a14b6186
00602f24363ae032e9bc0fca3675e364cca6ff2b72e7b27e31020c08f87222b0
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/550/0y1g074rmccf6o4je6sfpk8wdb8hd91a.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/png
Content-Length: 571664
Last-Modified: Thu, 25 Aug 2022 23:08:54 GMT
Connection: keep-alive
ETag: "63080106-8b910"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/svg/Phone_black.svg
200 OK 886 B URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/Phone_black.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (660)
Hash d016c0ec9437a6080c67ea967c917f16
4cc43e0fcc9a9e26f2cbca31a059884822af5024
7fbedfe6cd9460b1369e755fd6a1cb122a80b08695bfe6def4ef514bc4737d06
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/Phone_black.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/svg+xml
Content-Length: 886
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-376"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
bitrix.info/ba.js
200 OK 3.0 kB IP
File type ASCII text, with very long lines (6659), with no line terminators
Hash 3f4ae6a3d97c2564a0e5c02e1ebdf4f8
df7bad29a1e8c70f9e27467e73a1a3a894055cdf
0d65b327ff4539fbcdc2d773ee883fd832b37aca69352141a731cae2e46844e5
GET /ba.js HTTP/1.1
Host: bitrix.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Last-Modified: Wed, 19 May 2021 09:38:44 GMT
ETag: W/"60a4dca4-1a03"
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: bx_user_id=5373111efffafb076d223601bbd5557b; expires=Wed, 08-Sep-32 10:32:23 GMT; path=/; domain=bitrix.info; SameSite=None; Secure
Access-Control-Allow-Origin: *
Expires: Tue, 13 Sep 2022 10:32:23 GMT
Cache-Control: max-age=172800
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
educatiolines.com/bitrix/templates/aspro_next/images/loaders/pl3.gif
200 OK 7.2 kB URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/loaders/pl3.gif
IP
ASN #34300 Internet-Cosmos LLC
File type GIF image data, version 89a, 64 x 64\012- data
Hash f19dd45c6533b17c043e044f43d310fe
230e6b2b846d570cfca1c131fc64c6308c370d26
f1f78c85eb9bbe1e9e5ce1ce54ea2f2a51db347b0fa3989eedebe16a3a2a0b74
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/loaders/pl3.gif HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/gif
Content-Length: 7154
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-1bf2"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/1aa/sj1fub81ofmd155hwxjr9v91s5c63561.jpg
200 OK 121 kB URL HTTP/1.1 educatiolines.com/upload/iblock/1aa/sj1fub81ofmd155hwxjr9v91s5c63561.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 1102x434, components 3\012- data
Size 121 kB (120754 bytes)
Hash 1157306211003215e61eed28f7509c68
fced7da3dc7bda630d669cb588570dc0eeacaa21
a1ac1613313190858e9f52bf2d38595dd8f5522783ab6da64c2136f55bb0f53d
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/1aa/sj1fub81ofmd155hwxjr9v91s5c63561.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/jpeg
Content-Length: 120754
Last-Modified: Thu, 25 Aug 2022 23:08:32 GMT
Connection: keep-alive
ETag: "630800f0-1d7b2"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/240/d3yedzddj1nzk5f92tvwyndf5e6rgzyj.jpg
200 OK 166 kB URL HTTP/1.1 educatiolines.com/upload/iblock/240/d3yedzddj1nzk5f92tvwyndf5e6rgzyj.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2022:03:29 14:45:41], baseline, precision 8, 530x434, components 3\012- data
Size 166 kB (166347 bytes)
Hash d5c546d194d61915284ebaee50bef68e
3e0ca905d53d5fa09c8498198becb6b0c220a493
4c20c7df677b731e3438a0b2a7d434eacf56b9cb47b07604fce33ac2f3bb5846
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/240/d3yedzddj1nzk5f92tvwyndf5e6rgzyj.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/jpeg
Content-Length: 166347
Last-Modified: Thu, 25 Aug 2022 23:09:19 GMT
Connection: keep-alive
ETag: "6308011f-289cb"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/5cb/lfs2l2xo0lb059auph7gclxte38rrua9.jpg
200 OK 40 kB URL HTTP/1.1 educatiolines.com/upload/iblock/5cb/lfs2l2xo0lb059auph7gclxte38rrua9.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 530x434, components 3\012- data
Hash c5aded924fb01276552d2ee7408b0308
3ee91aba9d56af5a18da9f2e63992b5caeb9d611
9393e83de708caafa9dab534407975d60ecd0da770995d1f704d24b733af98ac
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/5cb/lfs2l2xo0lb059auph7gclxte38rrua9.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/jpeg
Content-Length: 39836
Last-Modified: Thu, 25 Aug 2022 23:09:19 GMT
Connection: keep-alive
ETag: "6308011f-9b9c"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/82f/1mdpqaksbdn9gmee6o4q5vn70hufyn7t.jpg
200 OK 38 kB URL HTTP/1.1 educatiolines.com/upload/iblock/82f/1mdpqaksbdn9gmee6o4q5vn70hufyn7t.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 530x434, components 3\012- data
Hash 79b6cdae79a984a42d7b28a2419c563d
fed08426d50808a5c76c62f919adee685fda3b44
a9ecd2504469358454dfa402550707354d19d5ae0dbd24458b707f1b58c28369
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/82f/1mdpqaksbdn9gmee6o4q5vn70hufyn7t.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/jpeg
Content-Length: 38078
Last-Modified: Thu, 25 Aug 2022 23:09:52 GMT
Connection: keep-alive
ETag: "63080140-94be"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7860
Expires: Sun, 11 Sep 2022 12:43:23 GMT
Date: Sun, 11 Sep 2022 10:32:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7860
Expires: Sun, 11 Sep 2022 12:43:23 GMT
Date: Sun, 11 Sep 2022 10:32:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:57:28 GMT
age: 45295
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
educatiolines.com/bitrix/tools/conversion/ajax_counter.php
200 OK 28 B URL HTTP/1.1 educatiolines.com/bitrix/tools/conversion/ajax_counter.php
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with no line terminators
Hash 7faa7d4c8047fe580db080af59ce3dcb
9a67ed1d0c415c55aaf22ba10b76a52e14b41e07
a001374e40979a6c320d3ccb03f1818e951a8cae58d1654f8b641161760c8861
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /bitrix/tools/conversion/ajax_counter.php HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 64
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
X-Powered-CMS: Bitrix Site Manager (b7ed0826e2a72f8a69bb45407432953b)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D; expires=Mon, 11-Sep-2023 10:32:23 GMT; Max-Age=31536000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
educatiolines.com/upload/iblock/c83/3hcaklkps3z3zxvvomrunv66wdpazb5j.jpg
200 OK 14 kB URL HTTP/1.1 educatiolines.com/upload/iblock/c83/3hcaklkps3z3zxvvomrunv66wdpazb5j.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 397x250, components 3\012- data
Hash e1460e8c1274cd5c984dea33f79920c1
ac65aebf1ac27a3c89bf02b01ac2255ac70a193f
de4601f056dff2c10c05c7a35dbabe596cbb3f5e886698b1af79183197dd7614
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/c83/3hcaklkps3z3zxvvomrunv66wdpazb5j.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/jpeg
Content-Length: 14505
Last-Modified: Thu, 25 Aug 2022 23:09:22 GMT
Connection: keep-alive
ETag: "63080122-38a9"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec2646c56c4c522f0744768ad20342b
ad1d9eee90556a359547dc7cbb6758aee2c804cd
0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 00:50:01 GMT
age: 34942
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
educatiolines.com/upload/iblock/d9f/ljnb6sl7p0ltnefe99oec64flah4bjkp.jpg
200 OK 107 kB URL HTTP/1.1 educatiolines.com/upload/iblock/d9f/ljnb6sl7p0ltnefe99oec64flah4bjkp.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 1104x434, components 3\012- data
Size 107 kB (107415 bytes)
Hash 01ef218ac01d2a36b47739102f58bcff
4d38c431f325afb026ba2cddad84e444b0a05c31
52f12e7912db5f4209602700cfdfbdd66823afa51de25dfc6da60d45c51a82e0
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/d9f/ljnb6sl7p0ltnefe99oec64flah4bjkp.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/jpeg
Content-Length: 107415
Last-Modified: Thu, 25 Aug 2022 23:09:03 GMT
Connection: keep-alive
ETag: "6308010f-1a397"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd709702d50113aec782e45bb5ecb2a8
c5fcae1c388ff8f44b9e47734b6b65fd4e0fd856
0ec10618a7f2f77cd339e9d1b4e58d29c1c9ad1575f434c813c1d3014c90bf76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9990
x-amzn-requestid: 852e5710-d962-4b43-ad48-9530797ab548
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBsisHAioAMFqsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f477-7de59a7d3553767c45e06ed2;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:19:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: edjwyX-124C71X-bNNnD2tP70Y4XuhX7G5LKmkKjU4IclvCekOOtgQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 15:33:37 GMT
age: 68326
etag: "c5fcae1c388ff8f44b9e47734b6b65fd4e0fd856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6d8445a-180c-442b-bbf8-b1d1c1f11deb.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6d8445a-180c-442b-bbf8-b1d1c1f11deb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2293bd4f960ea1c141a1c96101c228e4
a58b35b79806c3af981c5cfb219364a6b85ccaf8
1a6c5b918de60160d9b2aa5c7ec8dffc675a08380ef7f391999d6b2af6a08071
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6d8445a-180c-442b-bbf8-b1d1c1f11deb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7595
x-amzn-requestid: 30d23edb-7ec6-4c70-a0fd-bffa7fe29dba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erTHdvIAMFo-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab14-1e49dd2e1a5928017d542cf9;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6iet4rnG60OsdntFwXVqReNaCwNl8qYQhzN1MC1GVqbUC2dOKDzZA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 07:31:30 GMT
age: 10853
etag: "a58b35b79806c3af981c5cfb219364a6b85ccaf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnkjEbkwVPPR1stEuMkkuFcQ4WZMDjsuYKA46ZcxejvotwfCG6huhQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:03 GMT
age: 46160
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eee5b4d617dab6f10d7053f5c4f4e98e
6c728c56797ba921e8001919df4d36e56dd37e54
76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8171
x-amzn-requestid: 39c8c044-5287-47bb-8731-5706c27a73e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0feFFtkIAMF9NA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ac59-246e1b7e019965f74db95df0;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FVraudPaXgrkcCLGkaxntfC3h4XtbSfnRgzyp72Wgwb-WgWkDwjYPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 11:24:10 GMT
age: 83293
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bitrix.info/bx_stat
406 Not Acceptable 10 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 190f0ca90ef9d8f401ed505b8e377411
12ad51bbdfcc081a984bbff898a0d47cc29a61dc
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
POST /bx_stat HTTP/1.1
Host: bitrix.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 514
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
HTTP/1.1 406 Not Acceptable
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Access-Control-Allow-Origin: http://educatiolines.com
educatiolines.com/bitrix/templates/aspro_next/images/ai.png
200 OK 9.9 kB URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/ai.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 1122afd8440e9e89e9e5da04483154f4
b08c317a8cd68e3e99e43aa452a9bc9cfa90e688
feac7674b5fa48ab44a64fd5967538db9ead27d27ff8c45699b1d3b5026ab985
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/ai.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/png
Content-Length: 9869
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-268d"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/ajaxsctipt.php
200 OK 765 B URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/ajaxsctipt.php
IP
ASN #34300 Internet-Cosmos LLC
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4923ff1c75faceb90e2fbdbfb5a45cf8
801d6eff06ce6abed050a8b4009ac1da716e37e2
594acc672ac3d67aee37fd9c165d2f2d6efcad08f7501631f7bcc340084f8393
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/ajaxsctipt.php HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
educatiolines.com/bitrix/templates/aspro_next/images/svg/ai.svg
200 OK 4.0 kB URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/ai.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (394)
Hash 43ba6bd67803d00227e3e0a62d238f2d
af3bc37b9dfb2829390d7bd1d2b6fd385c6e7012
536c72203d164630d28dbd1b578dfebd48162a9b68cdd509a44799575c7c04b5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/ai.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 3996
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-f9c"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/include/mainpage/comp_instagramm.php
200 OK 22 B URL HTTP/1.1 educatiolines.com/include/mainpage/comp_instagramm.php
IP
ASN #34300 Internet-Cosmos LLC
File type ASCII text, with no line terminators
Hash 398136262db4de6e532db334b712502d
e91ea09fb6efa1b224631ffa2495b339ae023a8d
bb2a11e7dd309e9aeca8f3bf7249efdde8526524cef0ae559026441f9b9b5c46
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /include/mainpage/comp_instagramm.php HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 41
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
X-Powered-CMS: Bitrix Site Manager (b7ed0826e2a72f8a69bb45407432953b)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
educatiolines.com/bitrix/templates/aspro_next/images/mail_xlg.png
200 OK 4.3 kB URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/mail_xlg.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 147 x 153, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f45bab4b95daf77ee60ee6c8bc733d1
af55a58dce9305f56bf455e6f42e14480758b710
d169535863d4d2c595f32d5d6e410a04b653f731ff7600d45ff50ae82d77efb8
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/mail_xlg.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/png
Content-Length: 4255
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-109f"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/svg/next.svg
200 OK 22 kB URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/next.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (916)
Hash 6bbe832ef93a667e72f674f38cdb29e2
bda3600a20d85558661070600b26691e8af0ff55
167a50ca88ad08b810e311bb9f6447c3b81fa5dda3f11117f5e46d8a4eb7f10e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/next.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 21740
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-54ec"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/svg/Search_black_sm.svg
200 OK 555 B URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/Search_black_sm.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (332)
Hash 53d65fd93bd74ed13e183b34c67230e6
5b2f4649bdd41ba2759cf09b79d4e3cc3cb44825
5a08ceb3c189676ebb0cb6c42ceb4f331d1425befd065c9e3c0be363aee3b419
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/Search_black_sm.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 555
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-22b"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/svg/Catalog_menu_black.svg
200 OK 436 B URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/Catalog_menu_black.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash 94ab119ed15ac1eab3d6c4b1c7d52336
d8d15f7b95fd95d17760394af9d5ab772c2021bf
497ba3c8aa47ca5b06e5affda2532d67b625f5e09d587e9a12cda6b57cdcaec2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/Catalog_menu_black.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 436
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-1b4"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/svg/scroll.svg
200 OK 557 B URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/scroll.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash b3e0cf3e9bec3a33407b00c039e37c42
a7ee44278d4966aab069a6ee08815034507b8969
aae805bac5f37ae970a690a6f8640629e78d4aca449dc9d29ea02380cfb7ac71
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/scroll.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 557
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-22d"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/c74/yq4uytiofvfz5gfdt0xeidiodjo0bs9e.png
200 OK 2.3 kB URL HTTP/1.1 educatiolines.com/upload/iblock/c74/yq4uytiofvfz5gfdt0xeidiodjo0bs9e.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 46 x 300, 8-bit colormap, non-interlaced\012- data
Hash 1f5fa1ba10df9d831dea40b1482c39dd
5a6a7139646d84ec44328b59624b83a2c5b9745b
2250bd7472a3df18c30d71d6e916d1858a7bc34de747f5399326394c5419a572
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/c74/yq4uytiofvfz5gfdt0xeidiodjo0bs9e.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:23 GMT
Content-Type: image/png
Content-Length: 396473
Last-Modified: Thu, 25 Aug 2022 23:09:26 GMT
Connection: keep-alive
ETag: "63080126-60cb9"
Expires: Mon, 12 Sep 2022 10:32:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/CNext/b0d/b0de0538e06a7505f95a0218c7070038.svg
200 OK 3.3 kB URL HTTP/1.1 educatiolines.com/upload/CNext/b0d/b0de0538e06a7505f95a0218c7070038.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 69554dfeb3905aa174900c43c31fd6ab
68bb785b17c8c40af161b806489175ebb8f9d064
c1d5b1f208013f45f398ae177d3c507b1b7d952d170511fa8a9f1addd0bde0f4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /upload/CNext/b0d/b0de0538e06a7505f95a0218c7070038.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 3263
Last-Modified: Thu, 25 Aug 2022 23:07:23 GMT
Connection: keep-alive
ETag: "630800ab-cbf"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/svg/Search_big_mask.svg
200 OK 483 B URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/Search_big_mask.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash f1dac5c3f29ded85e461f46c8e5e7f52
f5d57f279322be91b384e114d8dac1e81e5e52b8
95c5639322f7340773396d78f16af83949d6451f1cf58b88c9c2fdadd2b8c51f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/Search_big_mask.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 483
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-1e3"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/svg/icons_wish.svg
200 OK 10 kB URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/icons_wish.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (946)
Hash 30b1cb9113135978d53ab3634510b07e
2a8978f4c7304b9358e65a0eeaabd4a502bd9974
b711c8bb891bf20939244ce1fd5eb0360c4edbabcdc92012fdb8f36134fdd5af
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/icons_wish.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 10283
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-282b"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/b56/nmxghb4x99xl8uwsbfdxsjgcvj5n6tt8.jpg
200 OK 38 kB URL HTTP/1.1 educatiolines.com/upload/iblock/b56/nmxghb4x99xl8uwsbfdxsjgcvj5n6tt8.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2021:05:14 12:54:02], progressive, precision 8, 1405x565, components 3\012- data
Hash d7f483cf0e3b4865d6a504c86f369cc2
ca95929fca1c9e9f6a83825404f32f2db7984c12
fab675ad9d6cbb4a0cb7e0ff32a38178af1f55dbec55abf1b20f82a6f771e853
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/b56/nmxghb4x99xl8uwsbfdxsjgcvj5n6tt8.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/jpeg
Content-Length: 38534
Last-Modified: Thu, 25 Aug 2022 23:07:52 GMT
Connection: keep-alive
ETag: "630800c8-9686"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/7e9/vkih0mj08lkiqm4ar8d2pnxkhghpua7q.jpg
200 OK 321 kB URL HTTP/1.1 educatiolines.com/upload/iblock/7e9/vkih0mj08lkiqm4ar8d2pnxkhghpua7q.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2022:04:21 13:21:53], progressive, precision 8, 1405x565, components 3\012- data
Size 321 kB (320707 bytes)
Hash 854314560d2264d17dc6e0c0053875b6
368211b9b2a7c0c97364d274ff4c91665c691eac
60135316e57d61d7fb8a7a1f92deb029f409c4920359ecfb022368b856f6c397
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/7e9/vkih0mj08lkiqm4ar8d2pnxkhghpua7q.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/jpeg
Content-Length: 320707
Last-Modified: Thu, 25 Aug 2022 23:07:41 GMT
Connection: keep-alive
ETag: "630800bd-4e4c3"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/f13/90gwvs3992yphipawr5zo4bb6ujohx12.png
200 OK 106 kB URL HTTP/1.1 educatiolines.com/upload/iblock/f13/90gwvs3992yphipawr5zo4bb6ujohx12.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 1920 x 150, 8-bit/color RGB, non-interlaced\012- data
Size 106 kB (106181 bytes)
Hash eb4f15ca897dbe14a8bdc6e8078a799f
98ddc759ad6aaf8b64fd3672f64f2631297a8d00
61774516c0bba07912f3eb10a0ba67192189557aae89f1c082c675d094fc993f
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/f13/90gwvs3992yphipawr5zo4bb6ujohx12.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/png
Content-Length: 106181
Last-Modified: Thu, 25 Aug 2022 23:11:09 GMT
Connection: keep-alive
ETag: "6308018d-19ec5"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/af5/a9ynnvuxipidkjh4ea3rsa7wm9eykzc5.png
200 OK 358 kB URL HTTP/1.1 educatiolines.com/upload/iblock/af5/a9ynnvuxipidkjh4ea3rsa7wm9eykzc5.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 1405 x 565, 8-bit/color RGB, non-interlaced\012- data
Size 358 kB (357795 bytes)
Hash 01c1c3a0575e154fef692250a0e6cf6c
88f6b39b5a956d0bd210d6bc0098cc3ae28c2ba8
a6fdd8ef531f94c70897974ec5c361ab1b4b02885f55de53950d4a6553495731
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/af5/a9ynnvuxipidkjh4ea3rsa7wm9eykzc5.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/png
Content-Length: 357795
Last-Modified: Thu, 25 Aug 2022 23:11:10 GMT
Connection: keep-alive
ETag: "6308018e-575a3"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/social.png
200 OK 15 kB URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/social.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 548 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 082eb51834a5b577310c0a8b36257982
4fd59bebcbbdb65f86ed23619aac68c21e76573b
e573a25529cfd03d22bfb556aa93b5662c3d62f905eb17554960e577d9f9261f
Analyzer Verdict Alert quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/social.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/png
Content-Length: 15424
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-3c40"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/svg/Close_mask.svg
200 OK 872 B URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/Close_mask.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (665)
Hash 336cabb3de29e84407851fd0ad372796
7f63c9e919e8624daa2727b38f3d7a825dab4bcb
4486ffb4bc2d15b13ad97adfc08998a4fc33b2c7a1d574793fd1191e131b3a06
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/Close_mask.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 872
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-368"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/bitrix/templates/aspro_next/images/svg/arrows2.svg
200 OK 1.2 kB URL HTTP/1.1 educatiolines.com/bitrix/templates/aspro_next/images/svg/arrows2.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (437)
Hash 6586a19a9f68ac194531070834cc3df3
c7ac4955006e5964cf9b9daea1d84a1d920efd10
db02950c76b9e54a30579ba8463b2545b4c7f042a6606e44dd3ffbfdeb04f914
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bitrix/templates/aspro_next/images/svg/arrows2.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/bitrix/cache/css/s2/aspro_next/template_7da5070106f6b8ef280a97ec0668abcf/template_7da5070106f6b8ef280a97ec0668abcf_v1.css?16614871441111973
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/svg+xml
Content-Length: 1160
Last-Modified: Thu, 25 Aug 2022 23:05:44 GMT
Connection: keep-alive
ETag: "63080048-488"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/eee/qmcbep3qxbqfdmeeci67m5fwyavzb1e4.jpg
200 OK 21 kB URL HTTP/1.1 educatiolines.com/upload/iblock/eee/qmcbep3qxbqfdmeeci67m5fwyavzb1e4.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=565, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1405], baseline, precision 8, 1405x565, components 3\012- data
Hash 2e0d039daf1a69cf6ad421e7e5514fc2
b499d1de97fe24b8c7ec572958804ab88cc4614f
7cf2ff3cc8e50775f44fa43ee0762b1f2628e3b8defb29453536a17aed298e27
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/eee/qmcbep3qxbqfdmeeci67m5fwyavzb1e4.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/jpeg
Content-Length: 20574
Last-Modified: Thu, 25 Aug 2022 23:08:33 GMT
Connection: keep-alive
ETag: "630800f1-505e"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/541/bbcsg3sg0nlkv0674cxb6zpkrsle0koq.jpg
200 OK 465 kB URL HTTP/1.1 educatiolines.com/upload/iblock/541/bbcsg3sg0nlkv0674cxb6zpkrsle0koq.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2022:03:28 13:27:49], baseline, precision 8, 1405x565, components 3\012- data
Size 465 kB (464809 bytes)
Hash fad178126f9fb47244ac4a57ab8c911b
b330f58953ef15c542f6a201139cde7418d8ce21
43def1aaf07b2bdffc7e48cf4657b03630daad24b7ceab8c87071d104c14fdad
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/541/bbcsg3sg0nlkv0674cxb6zpkrsle0koq.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/jpeg
Content-Length: 464809
Last-Modified: Thu, 25 Aug 2022 23:11:04 GMT
Connection: keep-alive
ETag: "63080188-717a9"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/a9a/ly2wzubmubtpk8hd0egwv9jm28m3b1or.jpg
200 OK 19 kB URL HTTP/1.1 educatiolines.com/upload/iblock/a9a/ly2wzubmubtpk8hd0egwv9jm28m3b1or.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2022:03:28 13:30:50], baseline, precision 8, 1405x565, components 3\012- data
Hash 0b667163ccd6fb89060d221367ab546a
01d68aa4dc678c353d92cee1edc9e94fc8cd2580
c979bd1927e9771cb92ecfa0d135849431f9e71b516b9b4f4b96420712160983
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/a9a/ly2wzubmubtpk8hd0egwv9jm28m3b1or.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/jpeg
Content-Length: 19357
Last-Modified: Thu, 25 Aug 2022 23:07:43 GMT
Connection: keep-alive
ETag: "630800bf-4b9d"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
region1.google-analytics.com/g/collect?v=2&tid=G-7GMSK383HH>m=2oe970&_p=1753082308&cid=557369383.1662892334&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662892333&sct=1&seg=0&dl=http%3A%2F%2Feducatiolines.com%2Findex.php&dt=%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7GMSK383HH>m=2oe970&_p=1753082308&cid=557369383.1662892334&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662892333&sct=1&seg=0&dl=http%3A%2F%2Feducatiolines.com%2Findex.php&dt=%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7GMSK383HH>m=2oe970&_p=1753082308&cid=557369383.1662892334&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662892333&sct=1&seg=0&dl=http%3A%2F%2Feducatiolines.com%2Findex.php&dt=%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://educatiolines.com
date: Sun, 11 Sep 2022 10:32:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
educatiolines.com/upload/iblock/a3f/d4mfzvzi8w4eyd1topa5pqzc9a16ljl3.jpg
200 OK 110 kB URL HTTP/1.1 educatiolines.com/upload/iblock/a3f/d4mfzvzi8w4eyd1topa5pqzc9a16ljl3.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2021:05:14 12:55:13], progressive, precision 8, 1405x565, components 3\012- data
Size 110 kB (110168 bytes)
Hash 1b218a71b8ff7f3af8ad7d875cf4d448
46f980fce10227721d90e56e35991f86cd5d6de3
12e981a2b0b7bfc421be5fe560f7df3216aadfa79c6aeca6d48f4ea1b8c1851b
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/a3f/d4mfzvzi8w4eyd1topa5pqzc9a16ljl3.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/jpeg
Content-Length: 110168
Last-Modified: Thu, 25 Aug 2022 23:09:54 GMT
Connection: keep-alive
ETag: "63080142-1ae58"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/943/p5e53qo78axcgsbteg21sws73ox67nat.png
200 OK 207 kB URL HTTP/1.1 educatiolines.com/upload/iblock/943/p5e53qo78axcgsbteg21sws73ox67nat.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 1170 x 470, 8-bit/color RGBA, non-interlaced\012- data
Size 207 kB (207064 bytes)
Hash aa656b5a8c2f975d2a45df2cae00a8f8
2f2034097239a6000265b9110d1c8266aa9d2d5a
821e462163024d4a4c44626f5a59f863f2fb2242d0445607e0e770fbcc7eff88
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/943/p5e53qo78axcgsbteg21sws73ox67nat.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:24 GMT
Content-Type: image/png
Content-Length: 207064
Last-Modified: Thu, 25 Aug 2022 23:08:12 GMT
Connection: keep-alive
ETag: "630800dc-328d8"
Expires: Mon, 12 Sep 2022 10:32:24 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/917/agcil0w4bwo19ybhwzv8tybfcf3p276j.jpg
200 OK 16 kB URL HTTP/1.1 educatiolines.com/upload/iblock/917/agcil0w4bwo19ybhwzv8tybfcf3p276j.jpg
IP
ASN #34300 Internet-Cosmos LLC
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=565, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1405], baseline, precision 8, 1170x470, components 3\012- data
Hash b03cad36d964ff6e25a3c815af315121
1fd36da024df723e40e618576767057766352901
93f68823bc8febad8402508becf979f78a97b8cfb130a76e586826ce7969a405
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/917/agcil0w4bwo19ybhwzv8tybfcf3p276j.jpg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: image/jpeg
Content-Length: 16487
Last-Modified: Thu, 25 Aug 2022 23:09:44 GMT
Connection: keep-alive
ETag: "63080138-4067"
Expires: Mon, 12 Sep 2022 10:32:25 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
cleversite.ru/cleversite/widget_new.php?supercode=1&referer_main=&clid=70200DzYNT&siteNew=91329
301 Moved Permanently 169 B URL HTTP/1.1 cleversite.ru/cleversite/widget_new.php?supercode=1&referer_main=&clid=70200DzYNT&siteNew=91329
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f78ab64a4362dade42d94a01665e7448
d688f9b762cb95a3300d7231f26b6fb0ca23f822
8da45d3c6bbf8581d4bc8985a7331a369c92fd9a1124e5e28da83bf91125eb09
GET /cleversite/widget_new.php?supercode=1&referer_main=&clid=70200DzYNT&siteNew=91329 HTTP/1.1
Host: cleversite.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/
HTTP/1.1 301 Moved Permanently
Server: QRATOR
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://cleversite.ru/cleversite/widget_new.php?supercode=1&referer_main=&clid=70200DzYNT&siteNew=91329
educatiolines.com/upload/iblock/279/27921fd0617565e5ac99b29b82270afa.png
200 OK 160 kB URL HTTP/1.1 educatiolines.com/upload/iblock/279/27921fd0617565e5ac99b29b82270afa.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced\012- data
Size 160 kB (159468 bytes)
Hash 66ccbd0760a5144ff79149891ded02d1
0a0b1ca68a22c2667e3c174b9f0ed6fed557e575
ea98202e4ef192c9b455d165b7e1151ba25bcf31cdda738eb390477c0fcc96a1
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/279/27921fd0617565e5ac99b29b82270afa.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: image/png
Content-Length: 159468
Last-Modified: Thu, 25 Aug 2022 23:09:07 GMT
Connection: keep-alive
ETag: "63080113-26eec"
Expires: Mon, 12 Sep 2022 10:32:25 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash 8ea8c520ac9aab95bbc561d62d6df1a1
0ca30842e2ec26ffc3367cb8c16eb49beba93c28
40fb59a2182787f0f7206ce4ed3af9b15051afc7173c9ad0754092d69bdf0663
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 669
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:25 GMT
Last-Modified: Sun, 11 Sep 2022 10:21:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
educatiolines.com/upload/iblock/8d0/8d0b49650783cb59a53967ed612891d1.png
200 OK 161 kB URL HTTP/1.1 educatiolines.com/upload/iblock/8d0/8d0b49650783cb59a53967ed612891d1.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced\012- data
Size 161 kB (160635 bytes)
Hash 4625974fa83c465720658be58a46b707
0a96837e95ca6acee1533a2556308f48c4d8c365
93c99181d0faaf3e6ea95ee3f440828fd581a30aae00d482207f9c3e0d2f2863
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/8d0/8d0b49650783cb59a53967ed612891d1.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: image/png
Content-Length: 160635
Last-Modified: Thu, 25 Aug 2022 23:10:11 GMT
Connection: keep-alive
ETag: "63080153-2737b"
Expires: Mon, 12 Sep 2022 10:32:25 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
educatiolines.com/upload/iblock/411/411326dcc9e5fccfbc730d2c0b15dff2.png
200 OK 169 kB URL HTTP/1.1 educatiolines.com/upload/iblock/411/411326dcc9e5fccfbc730d2c0b15dff2.png
IP
ASN #34300 Internet-Cosmos LLC
File type PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced\012- data
Size 169 kB (169264 bytes)
Hash d8916a07ce1293a2849b33f79c19a964
5375600c54f01463548f06b2da61f32ce1e67235
abe33549050fc18f40074cd31ed30d150c4aa81db582657daedaaa7a72f802b6
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/iblock/411/411326dcc9e5fccfbc730d2c0b15dff2.png HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: image/png
Content-Length: 169264
Last-Modified: Thu, 25 Aug 2022 23:07:42 GMT
Connection: keep-alive
ETag: "630800be-29530"
Expires: Mon, 12 Sep 2022 10:32:25 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 11 Sep 2022 08:41:12 GMT
expires: Sun, 11 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 6673
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
educatiolines.com/upload/CNext/ae5/w0vdi2y38yhppf2wkpz16wiaplflwk6m.svg
200 OK 1.2 kB URL HTTP/1.1 educatiolines.com/upload/CNext/ae5/w0vdi2y38yhppf2wkpz16wiaplflwk6m.svg
IP
ASN #34300 Internet-Cosmos LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (921)
Hash 251d021daaa7af7d580c49df47daaa6c
f7f66367ac0441c445fc80e812bd81239316e778
f6288902a00b38d7688fe60c8e281f5bf0f52da3363ade58d854792fd0b0e1cd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /upload/CNext/ae5/w0vdi2y38yhppf2wkpz16wiaplflwk6m.svg HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D; _ga_7GMSK383HH=GS1.1.1662892333.1.0.1662892333.0.0.0; _ga=GA1.1.557369383.1662892334; _ga_5QW6WCHCLY=GS1.1.1662892334.1.0.1662892334.0.0.0
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: image/svg+xml
Content-Length: 1236
Last-Modified: Thu, 25 Aug 2022 23:07:23 GMT
Connection: keep-alive
ETag: "630800ab-4d4"
Expires: Mon, 12 Sep 2022 10:32:25 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
www.google-analytics.com/j/collect?v=1&_v=j96&a=1753082308&t=pageview&_s=1&dl=http%3A%2F%2Feducatiolines.com%2Findex.php&ul=en-us&de=UTF-8&dt=%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAAC~&jid=1320674201&gjid=985490894&cid=557369383.1662892334&tid=UA-238219968-1&_gid=1142411123.1662892335&_r=1>m=2ou970&z=1759412409
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1753082308&t=pageview&_s=1&dl=http%3A%2F%2Feducatiolines.com%2Findex.php&ul=en-us&de=UTF-8&dt=%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAAC~&jid=1320674201&gjid=985490894&cid=557369383.1662892334&tid=UA-238219968-1&_gid=1142411123.1662892335&_r=1>m=2ou970&z=1759412409
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=1753082308&t=pageview&_s=1&dl=http%3A%2F%2Feducatiolines.com%2Findex.php&ul=en-us&de=UTF-8&dt=%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAAC~&jid=1320674201&gjid=985490894&cid=557369383.1662892334&tid=UA-238219968-1&_gid=1142411123.1662892335&_r=1>m=2ou970&z=1759412409 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://educatiolines.com
date: Sun, 11 Sep 2022 10:32:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
educatiolines.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 educatiolines.com/favicon.ico
IP
ASN #34300 Internet-Cosmos LLC
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 68f8e2fd7a42e17d595a1b84eb621804
8ee88e95787775f8353322e131e59875ebbb345e
9bdb9463328c490db47dc55890e9b07346c29238a7d6dcae9772541ef37a9496
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: educatiolines.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/index.php
Cookie: PHPSESSID=W579SNPFom1ZVhRhWWXWjBkoXK6Dh3jC; BITRIX_SM_SALE_UID=dddd888fdbff14391e4a4c50a59e03da; _ym_debug=1; BITRIX_CONVERSION_CONTEXT_s2=%7B%22ID%22%3A152%2C%22EXPIRE%22%3A1662929940%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D; _ga_7GMSK383HH=GS1.1.1662892333.1.0.1662892333.0.0.0; _ga=GA1.1.557369383.1662892334; _ga_5QW6WCHCLY=GS1.1.1662892334.1.0.1662892334.0.0.0
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 23:02:28 GMT
ETag: "47e-5e718caa424fc"
Accept-Ranges: bytes
cleversite.ru/cleversite/widget_new.php?supercode=1&referer_main=&clid=70200DzYNT&siteNew=91329
200 OK 260 B URL HTTP/1.1 cleversite.ru/cleversite/widget_new.php?supercode=1&referer_main=&clid=70200DzYNT&siteNew=91329
IP
Hash d22746245762360c51908a99ae761a8e
8b33281d529239e619eea2569554a6816fe5c717
93c733e892433cd90ee86193d50e9edac4de80753da147cc48fb381b67ee3d53
GET /cleversite/widget_new.php?supercode=1&referer_main=&clid=70200DzYNT&siteNew=91329 HTTP/1.1
Host: cleversite.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://educatiolines.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: QRATOR
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
X-Powered-CMS: Bitrix Site Manager (a0de1128e3166103cf84e257ecc0de45)
X-Clever-Server: web01
Cache-Control: no-store, no-cache, must-revalidate
X-Clv-Server: backend
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=6pp34ukm0irjn9clrt9idgn9an; path=/; HttpOnly; Secure
Content-Encoding: gzip
Last-Modified: Sun, 11 Sep 2022 10:32:10 GMT
X-Powered-By: PHP/7.2.34
ocsp.globalsign.com/gseccovsslca2018
200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 1fab3646889dc007f4b9d68d68ff644a
1ae8b5e15fc0d64b63a9d0be8aece5c578c543e6
99dc7a2a5de32cb815d2ab6bd2a5c59015ca23e01fb7f08bbd5ef1f69d515b02
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Thu, 15 Sep 2022 09:17:36 GMT
ETag: "1ae8b5e15fc0d64b63a9d0be8aece5c578c543e6"
Last-Modified: Sun, 11 Sep 2022 09:17:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1739
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748fbd474968b521-OSL
ocsp.globalsign.com/gseccovsslca2018
200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 1fab3646889dc007f4b9d68d68ff644a
1ae8b5e15fc0d64b63a9d0be8aece5c578c543e6
99dc7a2a5de32cb815d2ab6bd2a5c59015ca23e01fb7f08bbd5ef1f69d515b02
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 10:32:25 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Thu, 15 Sep 2022 09:17:36 GMT
ETag: "1ae8b5e15fc0d64b63a9d0be8aece5c578c543e6"
Last-Modified: Sun, 11 Sep 2022 09:17:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1739
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748fbd474920b527-OSL
widget.cleversite.ru/widget/70200/91329/
301 Moved Permanently 169 B URL HTTP/1.1 widget.cleversite.ru/widget/70200/91329/
IP
ASN #204656 LLC ServiceCloud Plus
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f78ab64a4362dade42d94a01665e7448
d688f9b762cb95a3300d7231f26b6fb0ca23f822
8da45d3c6bbf8581d4bc8985a7331a369c92fd9a1124e5e28da83bf91125eb09
GET /widget/70200/91329/ HTTP/1.1
Host: widget.cleversite.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://educatiolines.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.21.5
Date: Sun, 11 Sep 2022 10:32:10 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://widget.cleversite.ru/widget/70200/91329/
widget.cleversite.ru/widget/70200/91329/
200 OK 564 B URL HTTP/1.1 widget.cleversite.ru/widget/70200/91329/
IP
ASN #204656 LLC ServiceCloud Plus
Hash 030762dc273271872d2aa3760419e5df
e6bd09ca7c767f6d76b4f073df06e6d559290582
85f7c52d85823de1fd24ffa4a5cf52c0f119374c3f20cbb6d7b72d5bfd283cde
GET /widget/70200/91329/ HTTP/1.1
Host: widget.cleversite.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://educatiolines.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sun, 11 Sep 2022 10:32:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=300
Access-Control-Allow-Origin: *
Etag: W/"40f-6aVZT89sXwUcc6+DStF/f7sljm4"
X-Powered-By: Express
Content-Encoding: gzip
mc.yandex.ru/metrika/tag.js
200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (674)
Hash f948ad97d8bcc64c1eee91e4e703f3f5
b5c35b5c139ddec32fe96bf89863fcf0845262bf
0d2dc3bdec9010c5375ac3fab62d3f33c2a3f961c6c974f2c0da8d584ed441e1
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72380
date: Sun, 11 Sep 2022 10:32:25 GMT
access-control-allow-origin: *
etag: "63186565-11abc"
expires: Sun, 11 Sep 2022 11:32:25 GMT
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
widget.cleversite.ru/static/clever-widget.umd.min.js
200 OK 276 kB URL HTTP/1.1 widget.cleversite.ru/static/clever-widget.umd.min.js
IP
ASN #204656 LLC ServiceCloud Plus
File type Unicode text, UTF-8 text, with very long lines (61874), with CRLF, LF line terminators
Size 276 kB (276258 bytes)
Hash 243f83d576d3a135d4b57941a3ac7af5
35b441af8af1ddba310eac3775c50c433ec2192b
be1afe59a353be3c302716f2642e5d2588e5f4aea2e0bcfb3b7373c7f0f68aaf
GET /static/clever-widget.umd.min.js HTTP/1.1
Host: widget.cleversite.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sun, 11 Sep 2022 10:32:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=300
Content-Security-Policy: block-all-mixed-content
ETag: W/"157930cd4b167a90a47b78f889c23dc5"
Last-Modified: Fri, 26 Aug 2022 10:30:36 GMT
Vary: Origin
X-Amz-Request-Id: 1713C7C3B5B87595
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 11 Sep 2022 10:32:25 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Sun, 11 Sep 2022 11:32:25 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/82392220?wmode=7&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A1892%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A252921027989%3Ahid%3A956115047%3Az%3A0%3Ai%3A20220911103215%3Aet%3A1662892335%3Ac%3A1%3Arn%3A1024979941%3Arqn%3A1%3Au%3A1662892335926405771%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662892330866%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C45%2C756%2C0%2C-7%2C0%2C%2C1184%2C220%2C%2C%2C%2C2029%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662892335%3At%3A%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/82392220?wmode=7&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A1892%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A252921027989%3Ahid%3A956115047%3Az%3A0%3Ai%3A20220911103215%3Aet%3A1662892335%3Ac%3A1%3Arn%3A1024979941%3Arqn%3A1%3Au%3A1662892335926405771%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662892330866%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C45%2C756%2C0%2C-7%2C0%2C%2C1184%2C220%2C%2C%2C%2C2029%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662892335%3At%3A%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash bd408974e96fe71f4d1bdd6d60f6364e
54227314b5a989c2d81dda0a875b5b03d4e4c83a
c1eedaedd08723c74713b615a2839f71ea39273e840ef900018cf7a90f8bee45
GET /watch/82392220?wmode=7&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A1892%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A252921027989%3Ahid%3A956115047%3Az%3A0%3Ai%3A20220911103215%3Aet%3A1662892335%3Ac%3A1%3Arn%3A1024979941%3Arqn%3A1%3Au%3A1662892335926405771%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662892330866%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C45%2C756%2C0%2C-7%2C0%2C%2C1184%2C220%2C%2C%2C%2C2029%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662892335%3At%3A%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/82392220/1?wmode=7&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A1892%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A252921027989%3Ahid%3A956115047%3Az%3A0%3Ai%3A20220911103215%3Aet%3A1662892335%3Ac%3A1%3Arn%3A1024979941%3Arqn%3A1%3Au%3A1662892335926405771%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662892330866%3Aco%3A0%3Awv%3A2%3Ads%3A2%2C45%2C756%2C0%2C-7%2C0%2C%2C1184%2C220%2C%2C%2C%2C2029%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662892335%3At%3A%D0%97%D0%B0%D0%BF%D1%87%D0%B0%D1%81%D1%82%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%93%D0%90%D0%97%2C%20%D0%A3%D0%90%D0%97%2C%20%D0%92%D0%90%D0%97%2C%20%D0%9F%D0%90%D0%97%2C%20%D0%97%D0%98%D0%9B%2C%20%D0%9C%D0%A2%D0%97%2C%20CUMMINS%2C%20%D0%B8%D0%BD%D0%BE%D0%BC%D0%B0%D1%80%D0%BE%D0%BA%20%D0%B8%20%D1%81%D0%BF%D0%B5%D1%86%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8%20%7C%207%20%D0%94%D0%BE%D1%80%D0%BE%D0%B3&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 11 Sep 2022 10:32:25 GMT
access-control-allow-origin: http://educatiolines.com
set-cookie: yandexuid=7949877321662892345; Expires=Mon, 11-Sep-2023 10:32:25 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7949877321662892345; Expires=Mon, 11-Sep-2023 10:32:25 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2350986881662892345; Path=/; SameSite=None; Secure
i=rZ3GYJKAqFqZbpqHf8jxn8yIY8F6ThMJhJ0wy6IxWv+OLqevs5KuzbRB6GabyjBiq6/1W2VrqCWcQO/mLWq/F9VPYQw=; Expires=Wed, 08-Sep-2032 10:32:25 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694428345.yrts.1662892345#1694428345.yrtsi.1662892345; Expires=Mon, 11-Sep-2023 10:32:25 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 11-Sep-2022 10:32:25 GMT
last-modified: Sun, 11-Sep-2022 10:32:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic-ext
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic-ext
IP
Hash e7f58c4975db9030ebca7eb96e3f9536
0f7f855847f42f9260b6b2c2fc12e006c0f63936
32da364048210cd4f6abcffedcea8d12ffcb93446a0938b7764682b262dd772c
GET /css?family=Ubuntu:400,500,700&display=swap&subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 10:32:26 GMT
date: Sun, 11 Sep 2022 10:32:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.cleversite.ru/config?clid=70200&site=91329&referer_main=http://educatiolines.com/index.php
500 Internal Server Error 112 B URL HTTP/1.1 widget.cleversite.ru/config?clid=70200&site=91329&referer_main=http://educatiolines.com/index.php
IP
ASN #204656 LLC ServiceCloud Plus
File type Unicode text, UTF-8 text, with no line terminators
Hash 8fc87a0d6ae40bf6da63a6195a29d0a6
ae9fad67a58b1a6e0293334cc962b96f37c6e116
82d6c6fbabf4cf020cf4770a8a44e80f0a912135c17136036280dc74a954352f
GET /config?clid=70200&site=91329&referer_main=http://educatiolines.com/index.php HTTP/1.1
Host: widget.cleversite.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 500 Internal Server Error
Server: nginx/1.21.5
Date: Sun, 11 Sep 2022 10:32:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 112
Connection: keep-alive
Keep-Alive: timeout=300
Access-Control-Allow-Origin: *
Etag: W/"70-rp+tZ6WLGm4CkzNMyWK5bzfG4RY"
X-Powered-By: Express
widget.cleversite.ru/features?accountId=70200&billing_controllable[]=chat&billing_controllable[]=chat.file_transfer&billing_controllable[]=chat.co_browsing&billing_controllable[]=chat.rating&billing_controllable[]=chat.metrics&billing_controllable[]=chat.operators_groups&billing_controllable[]=chat.survey_form&billing_controllable[]=chat.offline_form&billing_controllable[]=chat.spy&billing_controllable[]=chat.menu_logo&billing_controllable[]=chat.user_button&billing_controllable[]=chat.visitor_detail&billing_controllable[]=chat.letter_to_director&billing_controllable[]=chat.agreement&billing_controllable[]=chat.standard_multi_button_text&billing_controllable[]=chat.social_integration&billing_controllable[]=call&billing_controllable[]=call.rating&billing_controllable[]=call.metrics&billing_controllable[]=invite&billing_controllable[]=invite.chat_invoke&billing_controllable[]=invite.call_invoke&billing_controllable[]=copyright_off
200 OK 76 B URL HTTP/1.1 widget.cleversite.ru/features?accountId=70200&billing_controllable[]=chat&billing_controllable[]=chat.file_transfer&billing_controllable[]=chat.co_browsing&billing_controllable[]=chat.rating&billing_controllable[]=chat.metrics&billing_controllable[]=chat.operators_groups&billing_controllable[]=chat.survey_form&billing_controllable[]=chat.offline_form&billing_controllable[]=chat.spy&billing_controllable[]=chat.menu_logo&billing_controllable[]=chat.user_button&billing_controllable[]=chat.visitor_detail&billing_controllable[]=chat.letter_to_director&billing_controllable[]=chat.agreement&billing_controllable[]=chat.standard_multi_button_text&billing_controllable[]=chat.social_integration&billing_controllable[]=call&billing_controllable[]=call.rating&billing_controllable[]=call.metrics&billing_controllable[]=invite&billing_controllable[]=invite.chat_invoke&billing_controllable[]=invite.call_invoke&billing_controllable[]=copyright_off
IP
ASN #204656 LLC ServiceCloud Plus
File type JSON data\012- , ASCII text, with no line terminators
Hash cb39e28f7a96c9ff8449bdb04280289e
393d9ce60c672ae7cf70379dbcb7017715581893
bea815fe5aa93fbc173798c3642e803af0e40ad5f72120b379a26851979194d3
GET /features?accountId=70200&billing_controllable[]=chat&billing_controllable[]=chat.file_transfer&billing_controllable[]=chat.co_browsing&billing_controllable[]=chat.rating&billing_controllable[]=chat.metrics&billing_controllable[]=chat.operators_groups&billing_controllable[]=chat.survey_form&billing_controllable[]=chat.offline_form&billing_controllable[]=chat.spy&billing_controllable[]=chat.menu_logo&billing_controllable[]=chat.user_button&billing_controllable[]=chat.visitor_detail&billing_controllable[]=chat.letter_to_director&billing_controllable[]=chat.agreement&billing_controllable[]=chat.standard_multi_button_text&billing_controllable[]=chat.social_integration&billing_controllable[]=call&billing_controllable[]=call.rating&billing_controllable[]=call.metrics&billing_controllable[]=invite&billing_controllable[]=invite.chat_invoke&billing_controllable[]=invite.call_invoke&billing_controllable[]=copyright_off HTTP/1.1
Host: widget.cleversite.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sun, 11 Sep 2022 10:32:11 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=300
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Etag: W/"68-r8CO9yOVEcvb//DQsgzsbfJj6QQ"
X-Powered-By: Express
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20860, version 1.0\012- data
Hash 15b0d42b9ec6606a60edbdcced868466
73ca3f9f966f6722e78409b22db328ce4da475a9
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://educatiolines.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 21:05:47 GMT
expires: Thu, 07 Sep 2023 21:05:47 GMT
cache-control: public, max-age=31536000
age: 307599
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18200, version 1.0\012- data
Hash 8c7519686a5ddf20a3981e660a5f2610
3e0d73d14e4892b36fb5c6a9854c7d2e6bec005a
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://educatiolines.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:54:45 GMT
expires: Thu, 07 Sep 2023 19:54:45 GMT
cache-control: public, max-age=31536000
age: 311861
last-modified: Wed, 27 Apr 2022 17:10:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Merriweather:wght@300&family=Montserrat:wght@300&family=PT+Mono&display=swap
200 OK 36 kB URL HTTP/2 fonts.googleapis.com/css2?family=Merriweather:wght@300&family=Montserrat:wght@300&family=PT+Mono&display=swap
IP
Hash 5314090a69964f9c9de3561240b96b3b
7a77f80e279d12046ddc1795bda83497531a0448
16b3080678d9591eef05fda29a7daa1e6bd6e993eccded3259fcdb7d7e649bb3
GET /css2?family=Merriweather:wght@300&family=Montserrat:wght@300&family=PT+Mono&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 10:32:26 GMT
date: Sun, 11 Sep 2022 10:32:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://educatiolines.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 07:00:19 GMT
expires: Fri, 08 Sep 2023 07:00:19 GMT
cache-control: public, max-age=31536000
age: 271927
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2
200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46796, version 1.0\012- data
Hash 328da9d0efdf3626073910bfd379b2ff
e55f0b86555b18495045db12654779186c94f0a5
d9086c8c2ed7c9f988d63847cd89e81318c1e4ade2112969af26e5744a3bc7d7
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://educatiolines.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:32:03 GMT
expires: Thu, 07 Sep 2023 19:32:03 GMT
cache-control: public, max-age=31536000
age: 313223
last-modified: Wed, 27 Apr 2022 16:31:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 10:32:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/webvisor/82392220?wmode=0&wv-part=1&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=457678020&wv-type=2&browser-info=gdpr%3A14%3Aet%3A1662892338%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103217%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892338&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/82392220?wmode=0&wv-part=1&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=457678020&wv-type=2&browser-info=gdpr%3A14%3Aet%3A1662892338%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103217%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892338&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/82392220?wmode=0&wv-part=1&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=457678020&wv-type=2&browser-info=gdpr%3A14%3Aet%3A1662892338%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103217%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892338&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 5273
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 11 Sep 2022 10:32:29 GMT
access-control-allow-origin: http://educatiolines.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 11-Sep-2022 10:32:29 GMT
last-modified: Sun, 11-Sep-2022 10:32:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/82392220?wmode=0&wv-part=1&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=568432983&wv-type=2&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1662892337%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103216%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892337&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/82392220?wmode=0&wv-part=1&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=568432983&wv-type=2&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1662892337%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103216%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892337&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/82392220?wmode=0&wv-part=1&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=568432983&wv-type=2&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1662892337%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103216%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892337&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 382212
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 11 Sep 2022 10:32:30 GMT
access-control-allow-origin: http://educatiolines.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 11-Sep-2022 10:32:30 GMT
last-modified: Sun, 11-Sep-2022 10:32:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/82392220?wmode=0&wv-part=9&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=176469218&wv-type=2&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1662892337%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103216%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892337&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/82392220?wmode=0&wv-part=9&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=176469218&wv-type=2&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1662892337%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103216%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892337&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/82392220?wmode=0&wv-part=9&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=176469218&wv-type=2&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1662892337%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103216%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892337&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 380822
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 11 Sep 2022 10:32:30 GMT
access-control-allow-origin: http://educatiolines.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 11-Sep-2022 10:32:30 GMT
last-modified: Sun, 11-Sep-2022 10:32:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de6622cfd812509b317913e1a5e9cfc8
84e4a39c92ab111cc1072f898990cea6b05da6cf
6d41b564c2e15215d05ba74ba2ae08abf74f6aef9e58e808d31afc6d1ba123af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9319
x-amzn-requestid: 44d731e9-1da0-4ad0-9fbb-1b170fac3bf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxaFtpIAMFWAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-2e155359546dae806f6dbfe2;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cZslQ5Qc4PPIlpAtmGVbfr3NaPybUWZMJBz_pCrXkCSSq6hUztXVjA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:41:01 GMT
age: 46289
etag: "84e4a39c92ab111cc1072f898990cea6b05da6cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/82392220?wmode=0&wv-part=2&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=567926244&wv-type=2&browser-info=gdpr%3A14%3Aet%3A1662892340%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103220%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892340&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/82392220?wmode=0&wv-part=2&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=567926244&wv-type=2&browser-info=gdpr%3A14%3Aet%3A1662892340%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103220%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892340&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/82392220?wmode=0&wv-part=2&wv-hit=956115047&page-url=http%3A%2F%2Feducatiolines.com%2Findex.php&rn=567926244&wv-type=2&browser-info=gdpr%3A14%3Aet%3A1662892340%3Aw%3A1268x939%3Av%3A893%3Az%3A0%3Ai%3A20220911103220%3Au%3A1662892335926405771%3Avf%3A62hjjpdks93ktul5nsnaw%3Awe%3A1%3Ast%3A1662892340&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 116
Origin: http://educatiolines.com
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 11 Sep 2022 10:32:30 GMT
access-control-allow-origin: http://educatiolines.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 11-Sep-2022 10:32:30 GMT
last-modified: Sun, 11-Sep-2022 10:32:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-7GMSK383HH
200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-7GMSK383HH
IP
GET /gtag/js?id=G-7GMSK383HH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 11 Sep 2022 10:32:22 GMT
expires: Sun, 11 Sep 2022 10:32:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&subset=cyrillic
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&subset=cyrillic
IP
GET /css?family=Open+Sans:300,400,400i,600,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://educatiolines.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 10:32:26 GMT
date: Sun, 11 Sep 2022 10:32:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
62.173.149.60
93.184.220.29
142.250.74.163
104.18.21.226
95.101.11.115
141.101.185.18
34.247.209.163