firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 03:44:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 58-Jux4qDpb64wlIaXJAX3QsyD3--LVgJ7Sy5sCzxD41fq76gx6tkQ==
Age: 382
kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
104.21.86.10200 OK 14 kB URL HTTP/1.1 kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20374)
Hash 5c8c1653c6a6eb0eeb5fd8570d3ae679
1acfdde0dddfb85dc01bd8982b00dfd1b854ab41
e7ec948295b7b3ba298639196ce8c9113169d4d587dfbcf5eeca08bd59ee13f6
Analyzer Verdict Alert fortinet Phishing
GET /obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Status: HIT
X-Cache-Skip: 000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6m7Y2nBZzxAi0iffABr13UplUHtmkMwHcdlcuX36B2elsIrADYxNz3NRRL9YlYLSLKxNvoOCj4eFwU9CCAJsGYketMa1UfC%2B9gh8eGoOTs5ZWcysVnqWDhS541rCHGjbkcZZkyI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745c01261921b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13315
Expires: Mon, 05 Sep 2022 07:33:01 GMT
Date: Mon, 05 Sep 2022 03:51:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SN2WmGTfLAWfy85AFEgxr7r9hM8JmnDNI3covJenyK95s7FMOWL0sQ==
age: 9349
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 03:51:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/templates/rt_vermilion/css/systems.css
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/templates/rt_vermilion/css/systems.css
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
GET /templates/rt_vermilion/css/systems.css HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 73
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hk2rqS04OU%2FAewmsHI%2FeH4V%2BA471eQcsQYCYUru2YDZxjY0s9B3fuJF6T9lTdhW7JE%2BbmZXQ5%2F2SMEhuFpPC9fmiNJLv6uMDXbLDQOSCD6a9bXIaculgLpkphUhtCbpkvX%2FYiQY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128ba7db523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 73
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5aSjTtntO22IHdseLTQm4CdYLLGnVwWmGoPxvC6wJSlun%2BdPXaFwzbjIxAzjNZYClsvlpeEMjMJ4FaBN6X4T4XkB6jktZyE5LluW7tqyYNuqu10HcaGDif5m246aOd5PRtQfPo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128da8db523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/style.css?ver=4.9.8
104.21.86.10200 OK 474 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/style.css?ver=4.9.8
IP 104.21.86.10:0
Hash 64512c3158a4553e2793a93d47c71224
51c04d04a577de6c3ebae959d392d8d49b906733
be702a318efa54999935c28540445356ecfbba55d3ffc14776ae15e92f3a18b7
GET /wp-content/themes/casino-theme/style.css?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:19 GMT
ETag: W/"5e4d7303-330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 96338
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hATAdIvJH5ovjcEfu2M8OCA9EJfvG2q4RfKsHxnuJEqUjUJIRkeOp5r%2FE2F6HoZ%2FTrLDq%2Bgez4iu4heUEUQxqqifN%2BA2C6cAVGcr3%2F30d8%2FLJ%2FIe3sK%2BdVf2%2FxEyCeny%2BkoAhBE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128de7f0b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 73
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJ0YOAkTanexZwblUg1Bxa1%2BE6zle%2BoLkQCMeDF%2FU3krE8tTUK684yohfvPHZ8RzmhJXURVgjtEYHRB2bUhYlNzCyoXbkUxfZZ4mF7hpTlnUwARvfC8az%2BqzyLRibcgp%2F09KgQY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128da93b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1
104.21.86.10200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1
IP 104.21.86.10:0
Hash 71cbbc2b4b75d38fde4164930c4b1a5f
bc669826f776560c05ed95d509c6048a4e731ff1
c6f60ff63ea7e00e90f3db1812ab9600d24f17a153f923db3e5fbaa31ed3342c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/grid-responsive.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-153e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 350481
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJfyjgdvd4ub4kgLSUgaJyn5jYVXeSZ%2F2Cws2NjsdcoH1bOAGT9jRmb32saWoQldzy7S1Jc1PrI7pPmIoO5y1qrwSECBTJbpTS%2BA95U6c8TlJ6bwFXZZvkbwAu2wflh%2F12PhXpI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128d88ab51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1
104.21.86.10200 OK 237 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1
IP 104.21.86.10:0
Hash 42b856f70401792ff61ce39f0d15187e
d89f7caec9972737f77b4d6effc214e5ddc6e8c6
498fb25e1b77547c448f19fbbec16747f9ad3ffede9e65af1df28e6b51e7c7c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/master-gecko.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-147"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 6016
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3X%2Fwfxo5%2FZHeQZ6koMiNoHGTveIv%2BEzaARoGT%2BjnxjVBbH09%2Fj8TDffTHIdLhEmd7BklRK8ovN3VEyaTqzokDfmcgIUDb%2Fp0%2FEwP7XSULfqf33KufRgnejLn%2B4aMUqACVnKO9rk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128da071c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1
104.21.86.10200 OK 18 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8ccc3caeb4d179c7411ced0d453568d2
24f7e038de1ff25d1d5640880a0dcc2a35a6c9ca
0f597bf99dcbb112a2ed509e8883f79ff735b518157dad9cfb59a6d685e8b144
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/bootstrap.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-1a1f0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 96338
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABOVwv%2F%2Bvk8j3vk0fMbwC2j7m0PlKyNFXwEm4XtqbrFiNnuxRbuvZphoeh%2B8zH0sNovWhbisAEkde22wvIAjCPtuiHNtmKwNqOf7aT13e0FDv%2FWlOteA%2FnOlykyCa57v7vRV0M0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128dd390b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
104.21.86.10200 OK 21 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd9634fd6b76b33a1ecc722ec66c6594
60cde4939736097ec7dc5001e889635bcf60f2b7
514351d0c268660be9fa9a34578c4146032b70f5835f6ecd4bf6b12b673cf14d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-2613e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 266282
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4q6xp80UCjWwPJ1z0UaIJwznr2liyiEpH4DmUAEi3RilSVxXGCUz1LflDrPGoKI0nb2b672P93y%2B38IcBXHJasCSH3pE0J1s4YxnyHLE8RRJeQwTVEUnFJGdSj1AS6pvAtNLOYE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128dae4b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
104.21.86.10200 OK 676 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3
IP 104.21.86.10:0
Hash aed6d7df00952fe5e2c7c636649262f6
7d27a3280224fa23a11af27e6816ba0a49ab5d70
06c5b0cd3f5177c83dc46e5fa8aca26cd4c79f9a3a256cfd03352c129039fdf6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:30:56 GMT
ETag: W/"5c125100-6cf"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 6016
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0XYMYpDZdbGJzuSdUjKKr%2B82FDwUqZje6J7uz7GiIoiPGBu0tfHU%2FrpBtKmi7KPNOFIve0xi20uf41HHTFQ2Fv%2BPm9SzKfOsY%2FIHIJDZ6tPQtbdjKqdwuvJ9LucMvNb%2B%2BnRSU0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128ee860b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 03:51:06 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 176423
expires: Sat, 26 Aug 2023 03:51:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmHqguepW3K7xbmju40%2FZdZHV35JrpYQcufiFejHD%2FuXAwMjpxhgOVv3usPBosnf0AedC4dVvMI1Ree7mfRlsqbOWBmIFVuAHoYHzz2qTG%2F%2FFP%2B5rAlUL6Hxn5LB%2B9mgkWr1TJki"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 745c0128e99cb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
104.21.86.10200 OK 451 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
IP 104.21.86.10:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash 9cbb12ded165859b75441a829fb683af
1e85f7bd7f0fa9dbc53157bbead5eb703c502db8
3dba212407392e05ef866072e63f519c9ef7365ea376cb5a8824e77726a6759b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:13 GMT
ETag: W/"5c12514d-484"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 350481
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbOYxzVngusOIlg%2FdBk4y%2FR8oWWNK47prJ%2BeJMGAvOyO402qhliW%2FKz%2FEpF4Rqi9lSnRlVO465on39qQap9tj2tg6SJ3w61CYNKH0k1lWtRQZUgf%2Fu8dvCLgkXrWmfcwaBwSKK0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128ea9bb523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1
104.21.86.10200 OK 310 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (1519), with no line terminators
Hash d73a797f7592ab9bce3849ab5737817e
9423b36627b10be53d0806fadfe6c8d8d68f9e71
f7d7f8fbdf96b9b72d137ad3ea7ad6bfbd9b935b04f697d60d9ee4600b9478c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/css/menu-dropdown-direction.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-5ef"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 6016
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlpWRaaePsTU3k7FVnJe%2BRgBgkvCyBm8BHed%2BmpoQ9rxw1XITsJPoun2QXYk4Y812mZ5Ir0db3dEZyBSuTqLwipND78u8iqBi1hRnm%2BgDyvFfpjOXyN4H30PEiYkviwfsLJsAbI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128e895b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107
104.21.86.10200 OK 792 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107
IP 104.21.86.10:0
Hash 28e92d0115685376ea13f80d4624cd77
5c49d2ba210b35e9d558c6cf13a5bccaaa950ed8
482f6d092f111156af642386342ff908983668446198cb59289e92180312dc86
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-special-textboxes/css/stb-core.css?ver=5.9.107 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:27 GMT
ETag: W/"5c12515b-e8a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 350480
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uyd45HJtigTISF5ckYhOXoCniE9mYk%2B4gSM5FbupMmhAG2nqa8i4d8fLl1k%2FUQHY3yLoX98KlbbMlIMHFUrTaAFVvfCZK4TO4VrNuly%2B4tXUBSVbkoL9NIChVPcpwIXVKwQHxLQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128faf8b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu.css?ver=1.0.1
104.21.86.10200 OK 2.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/menu.css?ver=1.0.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (11594), with no line terminators
Hash d0c9fed4ee25a9901b0075392fced627
8e15174d523c566ecd24b03bd6f64284b3bb89bc
6707a90e066997a1a63b069a02ac745de76a5d85468aad53e9a773874f7b522e
GET /wp-content/themes/casino-theme/css/menu.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:03 GMT
ETag: W/"5e4d72f3-2d4a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 96338
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymqzlxLFboyCbiLi6IRU93V%2FlukjKWNX450wqeOb0xhLRzvq%2BALOOKevoR893xrtFvsBvyuDEMzqpveQRtXc9hTsEyVmh0vS1QUUWtBU9LYykHPkHBCZWWST5oFNGpW5rx9W1F8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128ea111c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
104.21.86.10200 OK 34 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 104.21.86.10:0
File type ASCII text, with very long lines (32077)
Hash 3a80fc6d5f853164f2f53a98659c0c21
3327cc9fd1e64d96894c1322e3ef52dea7fe4cf1
c390de9d0d8953f70b165680d6122a3fc871006c67a676030596a4c36e882674
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:01 GMT
ETag: W/"5c12517d-17ba0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 604389
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmZfidqpqhLQQvqgcitRsXZVqk8H7S2FYCP9jKd9YSdxeXDtC4alWC4TLghY8RDxMWcgrOGSByO5u0M0B7rvJcMLRA7uoCMnIaIp0CsDL2P14fEqz5XApdjsCNB1nrYuv%2FbybD8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128fe880b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
104.21.86.10200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 104.21.86.10:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:01 GMT
ETag: W/"5c12517d-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 266281
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJLdv1YBQnM%2Bo2ckEJweRf4mXH%2FZC9%2BG3mzgC89jPt3A51em1OuJmaH%2BLFXmNXdAbT%2FnyFeKRQ1MznXNlompqrGHDTH%2F4Rfyzbu7iJHy2NCQR2Fu2W6vmxoFtCQALO6xcxSgh0w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128faa3b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4
104.21.86.10200 OK 589 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4
IP 104.21.86.10:0
Hash b1e45bf9bcd536be8008b443608c6c6b
0d22ff7469317a36f82f2b6274c9c791daa21b24
e140ee41b7a34f1a34911b6cd5c933673469cbd4f60777f23c1e4d82e810bfa3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/twocolumns.css?version=3.6.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: W/"5b07c29e-881"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 604389
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLsCsX0p77cueItoz7b4esj5cjA6wA96OyHCUWGSyUDIzeSryhMLAyW2yoNIq%2FF8%2Bsy2CI38d9pVuZWDA9YWyD%2BroElv0F4LQUz2uOdYXR9c6mUrAl%2BVKSDxKJ71wIRVoRTmBTg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128f89db51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
104.21.86.10200 OK 4.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3
IP 104.21.86.10:0
Hash e0e4b1426b3215295e18e962a7d55f92
05ea8fd2d6c296a08cfa892650b84408ff473e7c
7551622c8e60a0bc7ea9f97ec1d26e7706618d171b4edc99ed8276872e231970
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:30:59 GMT
ETag: W/"5c125103-38f9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 951673
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONxxZ334%2BejYx2Yu8QPnVRiXxr%2BUggHJ8aM7kxagvygrF9nsEzadUJNrhgieMDIylawjbvViCXj5XWsnA9RnUxu1WQv%2BD19xH3frc87t%2BA4CVQTaK4Y%2FHYYu71wEIhpf%2BQJjDEo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c01292e9d0b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/navigation.js?ver=20151215
104.21.86.10200 OK 1.1 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/navigation.js?ver=20151215
IP 104.21.86.10:0
Hash 8da166d76095153623e6bb934ef7525e
e5d0c5d545b3552dd5bf200f29e8f2c8e77ab221
56d5b07b11a2624298632471d166c6197da8a64a9d85d412efe32cc25cf8557c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/navigation.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-b97"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 949345
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePhWqH3WQgJA84GeetAe41EG1CCCKj1urwPzzxo1P3XXtlCoRcLL0fwoDo88pceRRCeQf1LheLvK61sKZSGmyjYYHDw4FK6DJpJmy7QiXgCMR0Banv0oJHmHN%2FcmBDDCLyY%2Ftsw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012928aeb51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215
104.21.86.10200 OK 416 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215
IP 104.21.86.10:0
Hash a58187e217f4b2ee9cd10e8954eda607
49f6e0418c24f410db3a8c8681a7d98455d15e9d
69bf8d27242351ec81cf610c4d994e047c2ab1b5868b9e252596eee0a3d6d278
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:19 GMT
ETag: W/"5e4d7303-2ad"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1805683
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNGJlte5FqeBo61aqom3hrrMuv5Pd2zx9FZReiAfqTi1Q75t0rFBLk3Pmroy4MbfaZF6ac0QCCXiABgkK%2Fo4O18NKsbE7%2FMLgooUL7Zmx9ak5e1MO6rvsw3VuoDwBdQw0vOP%2Fmg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c01292ea00b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
104.21.86.10200 OK 2.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
IP 104.21.86.10:0
File type ASCII text, with very long lines (6091), with no line terminators
Hash 4f4a997bc181498157d148ba9b649949
87ff26f8385fcf11c28fcc40c2e5619a8138f44d
fe722eb1adc5eb6c3642f87ba188bfb0b899130719fd73381712d6d710d3ed4b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:10 GMT
ETag: W/"5c12514a-17cb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1053098
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKqTFPFrlRSrklzc8Brbx1bTjhz1qY0JNYFP91E6mHm4YJbzFOkrYrTbNb1XcTkrZ5muWXTOSZEspXz0%2F9W2V%2Bsdt80lvoGRofhOXM1R5T3OEfP0lF4XzgWR5sJGL7mYkFmhzME%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c01292ac2b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215
104.21.86.10200 OK 34 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (32077)
Hash bcf328167425e857c585773a83f0a9f1
5bf83602f9bb9607edba90a4564c8aa81e09c291
994b0b39c149e2a731357570951341f99d2f50cb1c7e1588e8ff30b665d4136e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/jquery.min.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-17b8b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1072438
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHYcJurwr2t%2BmCCiUcGZjJTKIF2J5a1GrHIhld1qCYM8HWAiQJ6ggPbyTqWINUN5P2MfLl%2Fv%2B7i3iioP0%2BrIINA%2BIFXkH1gjD1SMQ0pBaaHFs%2BBX6pm0BR5XaagrNLcj3Yg0%2BNI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012928b1b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215
104.21.86.10200 OK 21 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215
IP 104.21.86.10:0
Hash e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/jquery-noconflict.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Content-Length: 21
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: "5e4d7302-15"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1805682
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itFGmIidC0iGfwSafesdPRmraZ8kxPM2AH0yvSZjAdk7R152cUArt8mQvS2TV6au0MfokkGauETvnYaK8ziN47Fo%2FJqPMEH7BjOMKWIe8Sfl028SH73mSU1GLCGGZaEU40VBsFA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c01293ea40b02-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/edit.css?ver=1552999911
104.21.86.10200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/edit.css?ver=1552999911
IP 104.21.86.10:0
File type ASCII text, with very long lines (390), with CRLF line terminators
Hash 36d221b51828ef8bbcf62f1c250ddeba
8276b7312f88f9e7d66bc9f68deb1ac29e7eda5b
ebc9fa2711b97b9ae51a1e8bf173a46a74007041bf642614685ba36dda0717f7
GET /wp-content/themes/casino-theme/css/edit.css?ver=1552999911 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:02 GMT
ETag: W/"5e4d72f2-eb2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RiWweuKZMkljhDbgTg5xBj%2FABHSu2z1hjwzDHD2E4fN7cYux%2B9gzlY%2Fa4lExS2I91J8kCLYwmuLM8ZmxW2NPPZL4KCtv9fa6j%2F3VELeF8ZrbLX1G2joTyp2MHPIaDQmNj1muPI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0128fd450b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/caption.js?ver=20151215
104.21.86.10200 OK 334 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/caption.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (413)
Hash 67dcbc30fcfad1892362b21170522298
3ff742e04689a2cad78f844f1b76d457bdb72ca5
81c52b778cf87c87d1569c8fc4229d226eaab8e86833d315ec48b48be074fba1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/caption.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1eb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1805682
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiPy5PFx7s9IvN7Z0lHBHa0h%2BJ3U4IjBGitsvC5GDrN6pAZLNrP2fW%2Bkt31N4Lwz4WkK2rzX%2By8OI7MyqCuTwHtwpL7OhPLltH7%2BogKp7CmBltMog2bwgDba28wW2NK9Fge5TjA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012978d6b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-core.js?ver=20151215
104.21.86.10200 OK 27 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-core.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (785)
Hash 4c23651950610db3ab0eebcf75eafe08
78bc489136a6d10bfbf2e2a17ede591d5049ab95
51e3113569751f8acb6086c37fe8af13e9779e0538912531daed843f895e5dc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/mootools-core.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-147b5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1805682
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWgyWxd%2BZTShVKCOdxgPjYmIqoHmSU6yguTB0PCQfX7j%2BXXAi2QAmJAapo0ThluS4wyc7fIymxIONWlHhdDFEbSa7GEQEr6sN%2B8qcA8cPbkJx2BIz3jvSC9CuyftnCrjU7Ucagc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0129db1cb523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/core.js?ver=20151215
104.21.86.10200 OK 3.1 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/core.js?ver=20151215
IP 104.21.86.10:0
File type Unicode text, UTF-8 text, with very long lines (7693), with no line terminators
Hash 645f05a74c3c52b4f27a5b44c794fa18
aef324d8d1e2faae36686e6dbb12bcfd080c90de
186313e5cf49316a4816403a527482e2063027ab8711b2f7e77ee5d4c4ab83b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/core.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1e12"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 951692
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ej5ISSS61PNO2AgqZDW2Dro1eEsEIyZJYAz9nEm7OZgYS8HPoDxSUIUHaN4g%2B8H9T1mtcaMzlm8ctBiP1y7jXFhXOn%2FvRma4LoYM7hLNemQPpyg2hbPlwhU%2FCh9ofOEQ3GMrEH0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0129df1d0b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215
104.21.86.10200 OK 0 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215
IP 104.21.86.10:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/mootools-more.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-39d19"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1805682
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCxiPQwzdd0TrmpOTSSuLOIAzT91fwtoR0A74u65yrHr%2FpVYuJQTYDOwiHTIWuH1OM%2BBwK4Bk2wjmXEgEC2rgG2oFJ94mS8mb0%2BapwbRYXLXdy09cejXnXBKFlJUHudWNHJfVAg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0129dd9c0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215
104.21.86.10200 OK 387 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215
IP 104.21.86.10:0
Hash 5b2eeac89cca9a738e26f2c45ca3b316
d3656cfa2054381a5c75c1edef82c379d48a46bb
400e83ee529ee06858a97b364dd9d9db8a65febfafab9334c602dc37cefdc016
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rt-parallax.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-397"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 949359
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyguhgSL9pWsZBjf2ncHNuQl%2Fyx3b%2B9E3cD1WlA9hxt7bmPV6XNDb%2FEYiuFGXvdPvJWGKLkPYsq7CK9G0Z1rr1DFKZoJGrHyBI%2FsEWMEEriOhsHAMHZVY2F51ls3GaBqNjusuVA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0129f916b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215
104.21.86.10200 OK 187 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215
IP 104.21.86.10:0
Hash 2b2ecc6023c34d28dcf10a7b57cdf412
b5dcb37a2e705625537c8b2c62cd2ad96114fe5d
c95d89cd5045462341bd479951e46f511bc198a007e1c3c2f701d3da9d754e7e
GET /wp-content/themes/casino-theme/js/gantry-totop.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-ff"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1072440
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYl1myUbbNOzrgrq%2BvSeLlfjU0Jnloyn9Nr9rcsOXObCjderW7uFU4yRTkHJtHvcju3y%2BsYzYNwg6GCV%2FDE2f3Jnfwpezp0F7IPaSVWF4opjjtewZCB5S3RpRv4LQl%2BDxieLWEY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a2f430b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/chart.js?ver=20151215
104.21.86.10200 OK 4.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/chart.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (536)
Hash 76ee9e365261a3cf2b0fd565d601b8ef
822164a3fb51ffb55a5c3356f1a79a29df58a600
264d38df92f6e62b140f92c260ac96af2e210429c40d7b19971313cfccd77af2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/chart.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-4d31"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1072427
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opqhXL2keMZghn7TvgMs0m7YZSdDW%2Bn8EDds1V4p2LCPNLERRbIxi1koB3Irot0bfhSWoyNsLpFp2NJWPOBHEAouCMq38CZhKEvOxrmEy%2FDJxoCx2kHY5iblP1WNwQ4KmP56pQ4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a2b9fb523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/browser-engines.js?ver=20151215
104.21.86.10200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/browser-engines.js?ver=20151215
IP 104.21.86.10:0
Hash cfc860ea4db28072a31107b1209fe911
97f3a367aaf72d84a83600996efefeb0d3cb849a
6be53b71dbaa24897dc595a018bf5287257cdcd4a559c44b8a8af6d7d9842369
GET /wp-content/themes/casino-theme/js/browser-engines.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-e10"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1805682
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aapVS3RdLpKv6zqrd3tIh9KrhE1ezwPbPTTr9vRaH64kFf5EOnAIjRa7W6Pc%2BYEh9lhFCTm%2BZY5hV9waAmyQqMZJwkdVgp8D3Eith0pHuJ6KcqS6zy5cLAqLTovIOmw0MtbKMVg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a2db90b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215
104.21.86.10200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215
IP 104.21.86.10:0
File type HTML document, ASCII text
Hash 6c68a1ba6ceff473fc314ec07549d028
f242990a422188eddb1b50788f9dfc440001d4d8
fbb5edd301249c053007eadc8e1baf934937b273438beb9fe123984e4688499a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rokmediaqueries1.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-bc7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1805682
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WE7%2FzMPHQURBtuQNge18RKVgQ3r20NeCoKEdj7I1mRi7dL%2B%2BP6Z8fYgb5w8L4MqhQV%2B8JeaOOOFHV0yFARNnZynDeLN2lQ%2FQXRHP0CYVXZeR9lWvUEIhoCIaY2TIOJbq2M75T4g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a2f450b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215
104.21.86.10200 OK 1.2 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215
IP 104.21.86.10:0
File type ASCII text, with very long lines (324)
Hash 7adda2b653b829227d343abe1311494c
ff506aca52274fca851f381bd2a2386fd40da4de
2c43bcafef1aee5b49d272f9fe89b0c2c423748e3c3e2f9469d6c7ce64ad9187
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/sidemenu.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-c12"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1805681
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDB%2B8WBQEFtxxCqwImNn%2FS9sypyx8uIT52qJL6UlnNSxHdz%2FxHqlQzq1w6PKIvNgTdP3gqcCsf4bh%2BwgreBbAAyFC3eOF%2BuLO8VABM0RMgkKDRNhi%2Fo%2Fl55UgHqTM3Lx1vQU7lk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a2ba5b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215
104.21.86.10200 OK 1.7 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215
IP 104.21.86.10:0
File type HTML document text\012- HTML document, ASCII text
Hash 5da0e9224ce987bb2cd10033c191e565
1c60cc73f9cde5503fd2823b47f55bccdd4a2a59
f4742f7e683472498056b4b5aef824a8992b398b82ef5dd8f6fd07e7e423319f
GET /wp-content/themes/casino-theme/js/rokmediaqueries.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-1244"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 951670
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tt4PBxVei2%2Fct2vnrXL%2BUIHaE5XHRtjJq4d58%2FfLMDkF%2FvJWlePVkksolmSooZs%2FZw9aljYe5xHT5ibl3ramBupmvjUkBSRylIU9n9irCffyeU1JlBVQG04MzLjG0gN2adnSZY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a2930b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215
104.21.86.10200 OK 6.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215
IP 104.21.86.10:0
Hash f3a8d2cf6a5f3c5c972830ad06462b06
04b63feeaf2840606fc82d86f48596b8733d8bba
8ff52ba129497b1cc4827635f0c2576b8af2610d08fb296faf2524cd1492d415
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/js/rokajaxsearch.js?ver=20151215 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Feb 2020 17:40:18 GMT
ETag: W/"5e4d7302-8521"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 951668
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrWlCvDlGXAYlZ61zmH3JPSPqi7M4Iu45855H%2FU0VROgprLfZZ0BIWQqlLlLLfngnHbZVvzRX5ulBbL3QNqxXO28Q%2FX4hyg8c40Kzd0LAQO7Pdx9Rz2xCsQ66BzEjJnLnNWEMmk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a2dc10b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
104.21.86.10200 OK 651 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4
IP 104.21.86.10:0
File type ASCII text, with very long lines (909)
Hash 96f627e7798c9def04ee4b1e7714ab6e
4448490e333c96bec60f73524e3cb31632975283
b4beccacfc6e0c0dd3d311c6384ab0bfbd19431e8e83241b82bddc7d31ce7fa4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.11.4 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:03 GMT
ETag: W/"5c12517f-473"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 96338
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwyE0ocsvyDKgwnSqQ4yH9vMuC4DizAQ5skHNwVwpX02fHGwgjkFiZD9OuQRsVwnvFI0RFzhdHnbGUWvGyrZYVcH2OoU38%2BXuiwWq1JtUqvrCpAhmJQJ0d2FuRNJMTCoWhsPxuw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a6bc7b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107
104.21.86.10200 OK 548 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107
IP 104.21.86.10:0
File type ASCII text, with very long lines (1087)
Hash 72091825ef7903704f9a7eaa0cc1f657
c89609424b128d042711f6a056d6b3b657dccc52
08c73ef9e50d21576593c091ee035966ba02ca5232d71fed2bb5d644cf3a4275
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-special-textboxes/js/wstb.min.js?ver=5.9.107 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:34 GMT
ETag: W/"5c125162-465"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 1805681
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eocffvv05FpLX73qoCQ%2Fp%2BMwA3etOz1jVAFAVL5zouN%2BGtdGcFarziWRIgkjZpMB7OX%2BbphQ0ta%2BCpcd1SQdNzN7I8eTjy1cOyNLA7iyc2Tqe7%2BXJ7A7yQ46RuZqUBrJ6CyG0g8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a6951b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/wp-embed.min.js?ver=4.9.8
104.21.86.10200 OK 756 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/wp-embed.min.js?ver=4.9.8
IP 104.21.86.10:0
File type ASCII text, with very long lines (1398), with no line terminators
Hash 77ce65aa27658b26944312e742e1d204
952f595220a39db2f6c8e65c648fa6b1ecf92024
277851a5b1d095133da0244edd6952c2f6fe5ec1b25633812001abb796681616
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:17 GMT
ETag: W/"5c12518d-576"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 604389
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1dLBxJWq7Lx9HNyc685KLvIQd1MKmtXvXTlktqag0OKMOXEqp1WLduTK1Ltj08BpnDJgvPc%2FoIeNNNDnNRJRsrUpUjGdCZbV7wHS5ocFQ4f7oxMYiX%2BWSAMQ1pxSOVoDt%2BX3dQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012a6dd60b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png
104.21.86.10200 OK 18 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png
IP 104.21.86.10:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 8413bf6f1dd2223f3be09256f755c682
2f99d0744f451d7d631fff57510c99ef5a0cfd15
bf75418f7c7e4e45ba7c9ef9e2f0ae766660e4290022bbd91ca89116a8111bc7
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/info.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/png
Content-Length: 18310
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:36 GMT
ETag: "5c125164-4786"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 266281
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNDYSWhlgklfm5Xk%2Fy8VQhYbG2ac4p4yQfOo1hg8ThokhTbPIyIn5HzL5CVYW5ubLf4q5YHQhXr%2FIZGmvQAKQj1n9zLcBd7FGYEdpbiUB1Xb9YHDXk5pvLHoDY6Jx0ffz9eLUcE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012aee0e0b49-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/23.jpg
104.21.86.10200 OK 1.5 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/23.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 686e2aa1b2281f6a3b651b92e6bba23c
e18752299957bd764a939553067c0b344c9fa271
5b115d9dc91cbf76795a7f47fecaa9c6835491ba9d343b85e6c27b60c383e425
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/23.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/jpeg
Content-Length: 1511
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-5e7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 73
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVnoyZClKXzdghFigDOuOu3LHOLJRQxeM3Apf5QNcvAC3fC1DLl7ZT6U3Wcw7G6tE4V0VkFnEgIE3hPm2sjiaEZxvT%2FvhW8QfsBnCXKu9k6eEa17DFgKtLs1GDViKbrNSYlPWXI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012aec2ab523-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/30.jpg
104.21.86.10200 OK 6.9 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/30.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 5f32c3774a3fc5f2e4340ce8c92875fb
05dbae405fee015f6d0ff3a8f812a459235342e3
3bb6bca791ed826cc58b92ca985478bf7dfacae54c5cecdbdcd2c8a682db5e22
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/30.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/jpeg
Content-Length: 6926
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-1b0e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 2891
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drbQOz2We5Fl8fWhx3%2B10uNRFWLlbxcc%2Be6T6I%2FaTSWQApwjlalHh41%2B%2FYd4jiarAFPKN6aiR8TzzEuvJQQQ8k%2BeXAvFC5z7g9THVoPJT3Y8Lydj5YGWI3LJJCZqe01t7k5N90A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012aef910b02-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/14.jpg
104.21.86.10200 OK 642 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/14.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 0e210cb587f549ef14365f11c6a10f16
00e7ff4b7ed4cc14dd46ce4088514cd018eb0e32
ced64c6c20d08b2615eab15db79fd3dce49bf146cacbf2701b330b5536c153d5
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/14.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/jpeg
Content-Length: 642
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-282"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 96338
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0kfjZJjPosjdyn%2FPEvEbmm5HXGLV2AG4W%2BNZjafv48spWYAJ6UMDj14EqLbtWu0gKt2O0Cc%2B%2BqlCp3XRZtOY892sOtedohc0XHJUPgQI8GOuXZJh2VhNduic7LIQ3DrlyINafk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012aec2fb523-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/11.jpg
104.21.86.10200 OK 2.4 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/11.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash ddb3291245cbaa55790eb36c4093c550
1c929680ce99a6b5873ae960f440ffd7c46b0451
a15e780363a7c54e554c724ce6f3f5e93323562837f3db0d86b2947c03af8698
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/11.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/jpeg
Content-Length: 2403
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-963"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 6016
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEHStvXO8dLtIQfIEdjDE2i2c%2BW0NinlQmXUhWy8BGQBmWE1kmsha1GwMsRkKnXqr7VYjhU3%2FqBzRMHhmLFdI60%2BsZgK88lTZaPYqPxSMo2QKA7kVyp7EsCRBdFaCH6xukbrz3U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012aef9a0b02-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/21.jpg
104.21.86.10200 OK 16 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/21.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 4e5ddb277b8345a085c8996661ef0ab4
53adfbda6d7c9bd5193f3dbf9cca0ae6281f68dd
4cdbbf8a7cd8c116587e3b7ede00f51f868785e64abf635c4660bd2e9b43bcc3
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/21.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/jpeg
Content-Length: 16075
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-3ecb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 91561
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDNvy8jgtxu4k0KEZ02JCul0t8%2FvDOZjb7N%2Bv3ZMQmmtjl1vTrRnqBmkh0TL9jmXtidJIPkbls4h%2BCjJeLyCEjoWL27m6CPgEQhRQwFtmWPikyRgohD4rhZeroO82uMeah0Z5HI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012aee0f0b49-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png
104.21.86.10200 OK 20 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png
IP 104.21.86.10:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 93551a3aa448b291fb298c65875cb86e
b215ea724beb57ed1d73290d86189a384878a629
becc186aefcbbc15ac415d868dedfb684539a2e97deb52fcf6aa932833d52185
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/warning.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/png
Content-Length: 20026
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:37 GMT
ETag: "5c125165-4e3a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 96338
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwVCiPqLMczlUpQJtxyqqefNH%2BFREltO7i19PePCVMUXQ4lsnRgreg%2BxdnKMmoXuMkI8kBF5b81RC9cF3KesBJRLghUjppCIlyrJMmJibBiV5MCPkYD9rxO%2BEmJGf1ew4pY%2BAZ8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012afe130b49-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/uploads/nomera/belyj.png
104.21.86.10200 OK 15 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/uploads/nomera/belyj.png
IP 104.21.86.10:0
File type PNG image data, 300 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 091e0e46fd55e28f3913afb54c502107
1fb6f99e7e106a1abdec2946f3bc8574ab8dd67a
be317d51545ed22c532dc2c0b2439e9b022b956672c6a7104363f7502ffe1de3
GET /wp-content/uploads/nomera/belyj.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/png
Content-Length: 14994
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 17:59:56 GMT
ETag: "5ecffc1c-3a92"
X-Cache-Skip: 000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6016
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gej7DMeRlYRYgYSW7ERB4t8O%2BBkQ307wirUAHDToay2prgX35GxzrQTu669SWdHdzMt5ZE9K4JIebXaM3WMycrMwtHJt7kLoY%2B%2FlXUkL8vySYdoN%2BdrsiHeCekp0b35Goo9JQfo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012afc36b523-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/uploads/nomera/temnyj.png
104.21.86.10200 OK 16 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/uploads/nomera/temnyj.png
IP 104.21.86.10:0
File type PNG image data, 300 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash afe778684379fd18d59715ee1b3f8f0b
641cff282743daf6c12935fff6f60f5b2ddeefea
c34f1bf88aaff57831c76aa6d8ecef3811670ffb7a211deadb1481ae21329b01
GET /wp-content/uploads/nomera/temnyj.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/png
Content-Length: 16067
Connection: keep-alive
Last-Modified: Thu, 28 May 2020 17:59:56 GMT
ETag: "5ecffc1c-3ec3"
X-Cache-Skip: 000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6016
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPNvE04C4irOq4OAesgncUyUwY3Qu%2Fu3Lf47%2FIDmoK97dsyWqQx0xm2isNDbYCcPMSQTXG%2BTuN7WepcjMyJRj9rWBa3zWFZ9n9VzVkzyCcI6puBlzRaSiYh2upBld2s0mXENf7Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012b0fa50b02-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/3.jpg
104.21.86.10200 OK 1.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/3.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash 1e196375ebc7ccbfb4c47aeb3734c109
1bfd1466ce267bf0bccc357fdd9e0d3a315c6532
1b7185720d91ae5783fe3b1825bda551f4358b223fc086d19cc1c8f98bd9dd50
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/3.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/jpeg
Content-Length: 1027
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-403"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 6016
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AK9BvSLgh2Mw7e3wwcwSJMlcbY%2B0A%2B%2FXjvHjVAXQOoRESNa0kgvSMsjMD8yRHmVW84R7XORCnTObrM40BmlCvIXfrKhHmlwiBC9DTBs6v3CuXz9b3gZe5SmMXozjhTOx%2B%2BliUY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012afe150b49-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png
104.21.86.10200 OK 15 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png
IP 104.21.86.10:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 464b73a2f6a9663f96380be90087ee51
8e2c879dd21aaf4a9237168483ecd4f229fcdeec
1ed3a52831e8816fe8a7af982270c84b8f2fcd24b2b05991a2ef8997e4409baf
GET /wp-content/plugins/wp-special-textboxes/themes/stb-metro/alert.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/png
Content-Length: 15070
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:32:36 GMT
ETag: "5c125164-3ade"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 350480
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JI9Cyw07FJe1rPa%2FXdyI8LAroh1SOuKB1hsF%2FX1Wa73Id6WB%2FPe167Z4%2F21Lady2%2BTF7y2tIi96czTGpikLQyCCHCdaDwa7sCR%2F8zcIHDoriP5c2npKa5ttCmPnrP%2FRVHMMxcwk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012b0c41b523-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/demo-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 73
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkkKCN3IT94WXxRFUoKCgs2Y7latWgUoTpkAQisMBWQPRhncEFmuT2f1mF694s3uQGyPtnEwcaa1AaM02kAne6ojF5DqfreuYKviOfdTe1uo8Ti7ovU%2B5vw1px5wW7iQxrfrs%2Bc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012b4c5db523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
104.21.86.10200 OK 4.4 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
IP 104.21.86.10:0
File type ASCII text, with very long lines (9118)
Hash 753d9a1cd7cc47e65c8b7c21543b1616
c4d57275c339b3b8df1d24124bd10d0926b5575f
8a04b00f98848434b8139a8cede0c5bb33334ea3be64ddd3bfae16977b396a6d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.8 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:33:18 GMT
ETag: W/"5c12518e-2efa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 604389
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYTCjSmyR9HjW7fplicxS3y7LeOrAMFtEcp2kuE6lDh4TFRQtxDjrtHj91mcgzh38U27tOsKW%2BXTslnF1pq6zTtol0fxnrCWBs1XAvqTZZ3jvrsR%2BfWuuwEVYAVsX8nCDeEa4iM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012b4fc60b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
104.21.86.10404 Not Found 627 B URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c95b644b53c4bce1ead22a9708a5eeac
075ad54e440562674721bca80c6deed23d1a084d
ef94074762d3397c8ec71b8bdb94993543cb4d33c618453f135741d49ba2c704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/casino-theme/mediaqueries.css?ver=1.0.1 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 73
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExnWdT92ffb2qYn4gHn4dJUvp%2FzL9PqajuaRFQbhZDlvVMtYh0kUMc6gnr5jL34pF7OGVigWYRAziQEEsCZLBtpBJ4yB2Ga3S4%2FB3zp7deyOyqho3kaY%2B36TxVDY3EC0P3lq7cQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012b4d12b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/5.jpg
104.21.86.10200 OK 7.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/5.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 6ffe430d51d22e42c1c60bb54257890a
65176df4d28ff4662f75b209d2a5e2b2a7bf709a
50a64f26cfaf466f92fad11b097701d16aa3e1aff6e3b6488e2ee268129719e4
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/5.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/jpeg
Content-Length: 7346
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-1cb2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjV2e%2F%2Fr2e1DBLUyWPiPOxHc6Uh76a%2FJ5PYn4BHj5CubzYIHob%2BjBLSVxA95BI1x0W%2BeorqBuVxuyOj%2FOnsh%2BA%2FAJz6o3X%2Bvp8T2F%2BsjjEVNkaqfrEVsqyC9ImKfDjtFpnUAnns%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012ae98bb51e-OSL
alt-svc: h2=":443"; ma=60
kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/17.jpg
104.21.86.10200 OK 17 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/17.jpg
IP 104.21.86.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash a20dff5090471c85d6257543fc617901
132061a805fea75cb18783d0b0df68770d0550c0
e857b935368f2912f670bee1b76aa9232a97a1f0b76af6427960ba49213ff746
GET /wp-content/plugins/wordpress-23-related-posts-plugin/static/thumbs/17.jpg HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: image/jpeg
Content-Length: 17223
Connection: keep-alive
Last-Modified: Fri, 25 May 2018 08:00:30 GMT
ETag: "5b07c29e-4347"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXO%2FATOdLzMbHLhoviahjp32Jr1kNeCXEtlh7R0bYk4WKphJPesP512Qe%2BIcOgsc9NyH8kpwaAjCBKvXzgLzutw1URHCTOI542p8gTeaR4qHTaLNwm2vqVzobZaJjCmyU46WUB8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012b0e180b49-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
142.250.74.163200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28444, version 1.0\012- data
Hash e996a4db02cc36705ce700e4b5d06b3a
c5fa1dff68d7d83689f58bc498caea9041cf7b75
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
GET /s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:29:11 GMT
expires: Thu, 31 Aug 2023 19:29:11 GMT
cache-control: public, max-age=31536000
age: 375715
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 03:38:16 GMT
Expires: Mon, 05 Sep 2022 04:15:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1z3sbHopARepHmqOJKdY25djRdLqXaSjd3pCkTI7DWHnW4WkNZMJaA==
Age: 770
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:27:53 GMT
expires: Thu, 31 Aug 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 375793
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
142.250.74.163200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:27:54 GMT
expires: Thu, 31 Aug 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 375792
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
142.250.74.163200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 29928, version 1.0\012- data
Hash 609bea65e2bf8ee9b728a85a8f1b282c
a0d2fbcf012e6554fb8cb182994ec8eb744ab65d
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:39:25 GMT
expires: Thu, 31 Aug 2023 19:39:25 GMT
cache-control: public, max-age=31536000
age: 375101
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
142.250.74.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 21:14:35 GMT
expires: Tue, 29 Aug 2023 21:14:35 GMT
cache-control: public, max-age=31536000
age: 542191
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6295
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:07 GMT
Last-Modified: Mon, 05 Sep 2022 02:06:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
kozbanov-lawyer.ru/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png
104.21.86.10200 OK 1.3 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png
IP 104.21.86.10:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 006849bd75bbbb96d5b1f5997bbeb52a
21ce90bf8bc0105fe13d635d5f9b8404d8759e82
56c87ee1e1a6878217897741f85a8048012b693a4cb6b03804a322d8fed02a88
GET /wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:07 GMT
Content-Type: image/png
Content-Length: 1286
Connection: keep-alive
Last-Modified: Thu, 13 Dec 2018 12:34:48 GMT
ETag: "5c1251e8-506"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 6017
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NwfJRx%2F8521U9BRoynmSx2hatcpzNnwcMubpDGFN3S63qilfCyKQX9sla8tvfAxncajwv3Ao1LbjdmAKyggeXQ7luDefu%2B6j7i%2BBzCiADahfySbLg%2F%2BhIAcOaTtrzwIvyW8TFY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c012e5b50b51e-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 420a6ffc72857f7132a9065de7c844a9
dee617384561d0790b72f096336b73ade7950579
c98bdc53f1f22291c4b954e9bd5f6432cfe3d5b24e3680b4ada3fc3a696e79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 420a6ffc72857f7132a9065de7c844a9
dee617384561d0790b72f096336b73ade7950579
c98bdc53f1f22291c4b954e9bd5f6432cfe3d5b24e3680b4ada3fc3a696e79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c16db54a/www-player.css
142.250.74.14200 OK 49 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-player.css
IP 142.250.74.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 666388d9ac2c812d3d9b0e511b1cfea0
4dfa524e6558a4aaf676578dd3275f544cb36625
a1532094c979ab2823b5baf7e5843d731e1c64765a8b8495f89bb56b7f7df117
GET /s/player/c16db54a/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/3iudaShjRNs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49081
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:40:24 GMT
expires: Sat, 02 Sep 2023 20:40:24 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/css
age: 198643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 141549
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.233.140.213101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.233.140.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uxlp/CIk1HmKdaE8lLZzAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kkB07g+c4OR8eO5Hc+QRIEsJHLw=
www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
142.250.74.14200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (592)
Hash 26b6e79984361d593bcf000927f559db
36dc3faef99c68636ed7d8a2d46783ccfc3be7ff
2795564d0f494ec4aed32d6708062dd699c22324d3df26588d5e2e2c2a956b36
GET /s/player/c16db54a/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/3iudaShjRNs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:40:24 GMT
expires: Sat, 02 Sep 2023 20:40:24 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 198643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
142.250.74.14200 OK 587 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (596)
Size 587 kB (586778 bytes)
Hash da3059ae3f2d892ccddf5832ff6f7a5a
df25b539e3bc115ff39343862807b32cfce2b4bc
abe75b67d443e17494a271925559be75c8a07e454c645153dac3e4f3a82947c4
GET /s/player/c16db54a/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/3iudaShjRNs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 586778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:40:43 GMT
expires: Sat, 02 Sep 2023 20:40:43 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 198624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 420a6ffc72857f7132a9065de7c844a9
dee617384561d0790b72f096336b73ade7950579
c98bdc53f1f22291c4b954e9bd5f6432cfe3d5b24e3680b4ada3fc3a696e79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
104.21.86.10200 OK 14 kB URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
IP 104.21.86.10:0
Hash 1082774ff798fcd8df634e00003ee02c
e3441215f1b0d5336993e8bdd7e7f79230c2ddd1
7a57e8b1b5424977938ed74c3ccc77dce468caba198ad184bdad1cf623fb0da0
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg2bHidDoecqsNS5ntP8D%2FrqaUQTu3MOnc0DuLLJCugARBPEpUHv5E8FJCHYFHrYZ9OyTqD%2FEzmDN%2Fu25%2BRgJ5a3b2GogKoKwrXh9W3ZSDhwTov819pmJn3P3hL96cLpe3t6ETE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745c012e4fbf0b49-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b0ecf5c5e4aebc037d854d886679da63
1283010d9b5a83c424e1b91ff8f33994f6b1afeb
3ccd12862db796e7ef7ff6d62806eee3b9cdfe6fa68a08fa90f2399953f5f3ae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3CCD12862DB796E7EF7FF6D62806EEE3B9CDFE6FA68A08FA90F2399953F5F3AE"
Last-Modified: Sun, 04 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13003
Expires: Mon, 05 Sep 2022 07:27:50 GMT
Date: Mon, 05 Sep 2022 03:51:07 GMT
Connection: keep-alive
kozbanov-lawyer.ru/favicon.ico
104.21.86.10200 OK 1.0 kB URL HTTP/1.1 kozbanov-lawyer.ru/favicon.ico
IP 104.21.86.10:0
File type MS Windows icon resource - 3 icons, 16x16, 16 colors, 16x16, 24 bits/pixel\012- data
Hash f2f1d96f7391d0ea847d0d356514bd4f
26a24c46bfaa5134934265af029bc47d23880379
92a9c2ca41b28538e0e0f90ba277d2f0a24d5406b275a59abbf1f430b7925b1c
GET /favicon.ico HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:08 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 19:53:44 GMT
ETag: W/"5c8d5448-92e"
Expires: Tue, 06 Sep 2022 02:10:51 GMT
Cache-Control: max-age=86400
X-Cache-Skip: 000
CF-Cache-Status: HIT
Age: 6017
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKOppPDJv6G1iVqoO4U7bHdwqNEqkPz05f6LCmwN9b3uKKcfW%2FrJS4KXvuElvPNebCpWh9woHrUzXWgzkLsVQ6i9w6EFqhmohD2ffWhjUjbPmRZDUg89bX2N7uHnPwVJic9Clyo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c01333e43b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992;0.05880698270895712
88.212.202.52302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992;0.05880698270895712
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992;0.05880698270895712 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
HTTP/1.1 302 Moved Temporarily
Date: Mon, 05 Sep 2022 03:51:08 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992;0.05880698270895712
Content-Length: 32
Expires: Sat, 04 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6270265dfb5ce771ed4f83dd9d08107d
1b3a45e78551022543dd717be0674c55ed128795
9742b1c3526c383d30bd303f66d2e072fe527f5f814e8674b2ea7a3803784960
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6270265dfb5ce771ed4f83dd9d08107d
1b3a45e78551022543dd717be0674c55ed128795
9742b1c3526c383d30bd303f66d2e072fe527f5f814e8674b2ea7a3803784960
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1931a32d83e4feb5268887bcb07fcc1e
6fb75c21ced29544dd6d7c3b0ef79adf65718a39
d794fae0b82097a2e97af2f21b6c243832081f88036a2a56bbeeabb08790d88d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 03:44:23 GMT
expires: Mon, 05 Sep 2022 03:59:23 GMT
cache-control: public, max-age=900
age: 405
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1931a32d83e4feb5268887bcb07fcc1e
6fb75c21ced29544dd6d7c3b0ef79adf65718a39
d794fae0b82097a2e97af2f21b6c243832081f88036a2a56bbeeabb08790d88d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 05 Sep 2022 03:51:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 05 Sep 2022 03:51:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6270265dfb5ce771ed4f83dd9d08107d
1b3a45e78551022543dd717be0674c55ed128795
9742b1c3526c383d30bd303f66d2e072fe527f5f814e8674b2ea7a3803784960
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1931a32d83e4feb5268887bcb07fcc1e
6fb75c21ced29544dd6d7c3b0ef79adf65718a39
d794fae0b82097a2e97af2f21b6c243832081f88036a2a56bbeeabb08790d88d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Sep 2022 03:51:08 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e55281415ad2c89f8e871f59400c8dc1
bc7ca4131f13d89604161eb0641352670c28c033
1e9c57dbee44db8c9aab44449f9f0cb502a6d9f6473de439daf26414d0d2517a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5b02269db01bc68d2b6c44797d1a195e
0b37ca9831c7f0e39b17c9a22401484ecbc98538
a568e059056c8ed849b140fb3be3ab4007e92c6e96ca43ec1b26bbea79be1d33
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Sep 2022 03:51:08 GMT
server: ESF
cache-control: private
content-length: 30615
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 30 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e6e10bc183ff6edaaeab482e2cacd764
9b02ae28b4639d34c1cf31e7eb1e4c30bd5167ba
0298221b5619da52e3b220f4ac39bf518f28e5a65b87e98c61bf1f57d4150583
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Sep 2022 03:51:08 GMT
server: ESF
cache-control: private
content-length: 30459
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/H7nvYvOfHnKCxYWMHscKykYq8uwe1E_aCBXglESdy34.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/H7nvYvOfHnKCxYWMHscKykYq8uwe1E_aCBXglESdy34.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36151)
Hash d93c4826dd6784b6e0e245668e6f799e
02e5105364980f796f7e5dcfab0b441e1f03791a
8d3e86deda79a7316fa9e2066e9c0251fc5c400845162cfc21b4507467936fb7
GET /js/th/H7nvYvOfHnKCxYWMHscKykYq8uwe1E_aCBXglESdy34.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 05:03:49 GMT
expires: Thu, 31 Aug 2023 05:03:49 GMT
cache-control: public, max-age=31536000
age: 427639
last-modified: Mon, 15 Aug 2022 09:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35668)
Hash 58f2271111ba15010206a4f5e3cf6d4f
19455d45b3b205e5b3da57f724be25f0c964813f
f0dd11a1e2a67ff7363bf13949a290ad35352f03026fe0d31e123fe65655a8cd
GET /js/th/yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14098
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 05:03:13 GMT
expires: Thu, 31 Aug 2023 05:03:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
age: 427675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0
104.21.86.10404 Not Found 42 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (20374), with CRLF, LF line terminators
Hash be81066dc856c22bf821147354557fb6
615d516d7ea8038525403074fd7390d3624a7cf5
0317fbf5e2e051e915b68a8b2ecf8799256ff3329f2d8c8334ee75a6a5456a76
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 03:51:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
Link: <http://kozbanov-lawyer.ru/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=707ob7w8DyuKYdBq%2Bgr1atPjAkQwd8dTOVR0IHqmuqkC1TWtMPv9QVV%2FTv2%2Fl0ECf%2Bq%2FLyKrABy%2BbWBB1AcUsuT8l7bCQ0FZqoWcQLRJhX4Lhtm6Ras16cxfG29dJ4ZuybV4%2FBc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c01339e70b51e-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77c0e16163d79bbc6c75c058cc87d99c
e8f9a4d566dec5976930c456b20f5cd456d05fc6
9d934045d4a473992d38c026ced5256d480695e691e54602cc1d54473d36b173
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77c0e16163d79bbc6c75c058cc87d99c
e8f9a4d566dec5976930c456b20f5cd456d05fc6
9d934045d4a473992d38c026ced5256d480695e691e54602cc1d54473d36b173
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/3iudaShjRNs/sddefault.webp
142.250.74.182200 OK 44 kB URL HTTP/2 i.ytimg.com/vi_webp/3iudaShjRNs/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b156d04c447ee7918b106769ffde0c75
b6a7b4804883520152fbefbe2a0e1a8214103dbf
00f55704d88ce7e5e6c8d8efd67c67ecc358b4d1e11ba0a57c59f9ab7f86a42e
GET /vi_webp/3iudaShjRNs/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 44364
date: Mon, 05 Sep 2022 03:51:08 GMT
expires: Mon, 05 Sep 2022 05:51:08 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992;0.05880698270895712
88.212.202.52200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992;0.05880698270895712
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 43af276eefaf4f8c43f9d1205ed559b0
0f538bb412beae5e68af2a10e782e681b0fc3a45
49f818c3bf653b785505eb4582687ef1b6d2bd0a208b6c975bba742c768bb91b
GET /hit?t26.18;r;s1280*1024*24;uhttp%3A//kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992;0.05880698270895712 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kozbanov-lawyer.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Sep 2022 03:51:08 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Sat, 04 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77c0e16163d79bbc6c75c058cc87d99c
e8f9a4d566dec5976930c456b20f5cd456d05fc6
9d934045d4a473992d38c026ced5256d480695e691e54602cc1d54473d36b173
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/BivDAMvdjE0/sddefault.webp
142.250.74.182200 OK 39 kB URL HTTP/2 i.ytimg.com/vi_webp/BivDAMvdjE0/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df1ac4afa30b2b44de738b78399286c5
fea4de388a8fe2780b5d8959f325aefb5d74f06f
0721c70b5180cf65d740c43db5f714d98600ac12ec308df16ecdd3f1a6a63965
GET /vi_webp/BivDAMvdjE0/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 38618
date: Mon, 05 Sep 2022 03:51:08 GMT
expires: Mon, 05 Sep 2022 05:51:08 GMT
cache-control: public, max-age=7200
etag: "1556824781"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b88de5bd85eba52e5e06c62340d99c60
84d6f1320f5d78ca7d490d1afcf13e23f1316134
6210eaf6b3250104441bd8c81f3ada1150e233ec351f377b341ff111a7799b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu8I_uZHFaHCIbg1KP69dNUrgJgfFSP5WKpXYWbEgQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8I_uZHFaHCIbg1KP69dNUrgJgfFSP5WKpXYWbEgQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash e30cef556772e9d85955a02f95e8f2a3
32be3537ac21ff26bac40e8f1da6ea816bd4ae44
89263471f2cfb225506de5fe23e1bda49178688e94c0d5780d4b3ffec4fa7d2e
GET /ytc/AMLnZu8I_uZHFaHCIbg1KP69dNUrgJgfFSP5WKpXYWbEgQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3179
x-xss-protection: 0
date: Mon, 05 Sep 2022 00:21:48 GMT
expires: Sat, 30 Jul 2022 16:36:20 GMT
cache-control: public, max-age=86400, no-transform
age: 12560
etag: "v2ff"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/fXnlhTqfoIcuNRb4OaDF-TPQ8s3Us5Tn3dFkk_sUIrzrXSV0PKUAbEVTV_dsRW1piAjWVj9P=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.9 kB URL HTTP/2 yt3.ggpht.com/fXnlhTqfoIcuNRb4OaDF-TPQ8s3Us5Tn3dFkk_sUIrzrXSV0PKUAbEVTV_dsRW1piAjWVj9P=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 9a396838ca898ba5e16918eefddecab6
c770efdea35f774c08e19a0ae19afba211360926
088ed4862a1ee53df3e8f26f312dbccee2838827bc4c5b25a250b00511ce3830
GET /fXnlhTqfoIcuNRb4OaDF-TPQ8s3Us5Tn3dFkk_sUIrzrXSV0PKUAbEVTV_dsRW1piAjWVj9P=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3866
x-xss-protection: 0
date: Mon, 05 Sep 2022 00:18:32 GMT
expires: Wed, 15 Jun 2022 09:43:41 GMT
cache-control: public, max-age=86400, no-transform
age: 12756
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b88de5bd85eba52e5e06c62340d99c60
84d6f1320f5d78ca7d490d1afcf13e23f1316134
6210eaf6b3250104441bd8c81f3ada1150e233ec351f377b341ff111a7799b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 03:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12892
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 03:51:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12892
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 03:51:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12892
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 03:51:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12892
Expires: Mon, 05 Sep 2022 07:26:00 GMT
Date: Mon, 05 Sep 2022 03:51:08 GMT
Connection: keep-alive
www.youtube.com/embed/3iudaShjRNs
142.250.74.14200 OK 28 kB URL HTTP/2 www.youtube.com/embed/3iudaShjRNs
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60170)
Hash 709256e3bd71a6486a5c3145039fa135
156de540e7f36df9d793b539c1941854715af683
ada1a69e9a889c3cb8b5e9fb4f511c5c0c8d60c0a71d73858fa6509c6871fed1
GET /embed/3iudaShjRNs HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Sep 2022 03:51:07 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1AtFArFvRJY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=rsz4E0qTY-Y; Domain=.youtube.com; Expires=Sat, 04-Mar-2023 03:51:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+995; expires=Wed, 04-Sep-2024 03:51:07 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F875b1350-d6cb-484b-b34d-981135d4edad.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F875b1350-d6cb-484b-b34d-981135d4edad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1935776a22a3379977b4e2a3a6ad9079
2ee2724614ed7b510724651a68f54de6f29c3315
c123ea12ec946994c78755d0ad73f566c2c38ea43f2962456a25d671015a6e9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F875b1350-d6cb-484b-b34d-981135d4edad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: ee6aa44a-5f41-4644-8a4a-e6a3562ba212
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0Yo8Hg7oAMF6hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311a16c-0fa2679b5f7f901b239c058d;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 06:23:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DGueXzJksSbZhCx2IOAyfn4yilY4Yx-jugYsdFS9zcTn8IUuto8Bzw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:45:50 GMT
age: 21918
etag: "2ee2724614ed7b510724651a68f54de6f29c3315"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bd909ca-6c46-4b8b-a2f5-4d5470335397.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bd909ca-6c46-4b8b-a2f5-4d5470335397.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4d6973685c96423469bad0cdf87aef3
9c00f2f5c3677908c2bdd8c1272d50d113672a88
f0fccb7a9c7bd00777e74b67ef248b1d9596ccaeb40b24c3451f4a65d0079968
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bd909ca-6c46-4b8b-a2f5-4d5470335397.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7358
x-amzn-requestid: d925ec69-0baa-4dc0-912c-ab4d0e86ffac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GRfIAMFmyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-041f82c20184278e2bfaad12;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FjgrWe3PbQeEjqtBdrv4qZYxS-dsxh3ia9K5cxPxLq8pImfznoXFpQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:13:34 GMT
age: 20254
etag: "9c00f2f5c3677908c2bdd8c1272d50d113672a88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f31081f-706c-4ba5-8026-d80f418f0e9a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f31081f-706c-4ba5-8026-d80f418f0e9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d1d7d95258e80e549a36826ffd55d8b
2f3d6053c4014cbdabf2187474997eb2156f168a
7a8c4fa0f58191a0830de1921a128d1a49b9627f5e87bb153645b7687b3f8f5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f31081f-706c-4ba5-8026-d80f418f0e9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11538
x-amzn-requestid: d429060b-9a2e-4bdc-8fd8-ade90fa26566
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2EwCIAMFnAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-6733538a2958d9581b1d51e6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: heEJL_2CrIfnkRldwF8VLKHaR8O6YacPXZYaugcg8_z48zrwFIdskg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:50 GMT
age: 21678
etag: "2f3d6053c4014cbdabf2187474997eb2156f168a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GuATNx2xnWnEl0cr_2ZWZo_jOWbHlSBYksIeHFDoHAK9o5Tf0PPliQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:03:29 GMT
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
age: 20859
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d19ae40ba0a61c69d0bbc87ed8da454
064232b77c890404a294500597e562b3945453be
a2d2bfe5d44394511949665e36492706dd655a46198bf7ae555033eedfa46d83
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c070a1-cfda-4086-99d7-f4d72a7f9d8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 94ff7301-4895-4fad-81db-a2774c8db061
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3OeaFDYIAMFQBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312c45c-450abb734f447a2c2db18aae;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 03:05:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _rdmPm3Jy_SzHM6g7lQGWxUkjzWkv6WM46xrwnIa0SWNxyufdjLHsw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 03:41:46 GMT
age: 562
etag: "064232b77c890404a294500597e562b3945453be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca4ce97d-6ffc-4b05-bad2-5c1a4358c1dc.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca4ce97d-6ffc-4b05-bad2-5c1a4358c1dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f231416a9629ddd9d4bc86c2a8c21e1
05815550329d38fcd02ac12f197fc2ec0d271830
1703f0782b7d1724b2313c25ee084d872d3602f883f9a7260ab19568e726ffde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca4ce97d-6ffc-4b05-bad2-5c1a4358c1dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6928
x-amzn-requestid: 7f219b47-6290-4c62-a46a-1e66908cb272
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xs9XgF9gIAMFmXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ea8fc-137ace6402c294aa6992e859;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 00:19:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cRn_33wmRxZV4ge91QE2KZRVdNhqo0XqWtKLYHhMAvgCxZtwIo5sPg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 04:09:14 GMT
age: 85314
etag: "05815550329d38fcd02ac12f197fc2ec0d271830"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0
104.21.86.10404 Not Found 6.7 kB URL HTTP/1.1 kozbanov-lawyer.ru/wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0
IP 104.21.86.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (20374), with CRLF, LF line terminators
Hash 67b1c2e31298f4db08260691bcc5cd78
99a19e92b46ce447384787de582a3e21210af3e9
707792eaab9cb2d4a606a900a46c95e3e6e60eed6509bde38195edc5df875cd0
GET /wp-content/libraries/gantry/assets/jui/fonts/font-awesome4/fontawesome-webfont.ttf?v=4.2.0 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/wp-content/themes/casino-theme/css/master-3a9d5bbe25fa4ce5b9fec2f02ef5f866.css?ver=1.0.1
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 03:51:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=14400, must-revalidate
Link: <http://kozbanov-lawyer.ru/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8Nj22AxlvoQeaFX6DiOMIMrLxTgqAY4FwrvJaETGQNfZ2RBkuC3xGxUlFux4pl24IRbo6tWkZowBJMczHKtB%2B9EwUKz3GWPXKNAHJ%2BHu5jUnSlDu6pljH2J38e8uwMkYYa9MX4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745c0135cfa9b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.24.14200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kozbanov-lawyer.ru
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 03:51:08 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1064987
expires: Sat, 26 Aug 2023 03:51:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMNpBFqLEYFRbjYJFNqoHoJ2ouDVvpa8WqbWMsAxUzHkMN7en7ID7dwe0JXTOrlr%2BInEextsIhdT%2BdMVqtZrmnFxmwwm2aw8ny2qPtO1T2ZxMCuTWaG98Me9Uw4tO5fD8sdnnWTa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 745c0138abe8fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Sep 2022 03:51:08 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 118 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f7fd709bcd66de6120cebc28851ec28c
c4b86bb11a9796f89f2b2f9f85d1cc414d4de8ef
9955971bbd8b226b0b4db4b95d72370f1b05191f629c0be5b224ddf2ba981475
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1171
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Sep 2022 03:51:09 GMT
server: ESF
cache-control: private
content-length: 118
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 122 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1385aef95cfe028bfab48e7f017c1d43
102572aaf43c89cfe2833d5113462d777ba9fa2d
d417cbd1b6bae5e04d10ea2e9691927647cdbecb9f19b36d0fd49190090dfa41
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1248
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Sep 2022 03:51:09 GMT
server: ESF
cache-control: private
content-length: 122
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
104.21.86.10200 OK 0 B URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
IP 104.21.86.10:0
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVGlQIcnw5%2BUEn46pXRNgYiNHa5wQPLMNHZHk44FXKzNfgkG2lfwjtJDX3hZdAKqA08H1seA%2Bha3y8ZHAcmYkyZRUufHT2Eto9J06a%2Fo%2BRe9Da6eDRQt6I6e3xKPIi%2FNndDh4b8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745c012baff10b02-OSL
alt-svc: h2=":443"; ma=60
www.youtube.com/embed/BivDAMvdjE0
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/BivDAMvdjE0
IP 142.250.74.14:0
GET /embed/BivDAMvdjE0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Sep 2022 03:51:07 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Yy-PpzqFjIE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=yVycS7FiFfo; Domain=.youtube.com; Expires=Sat, 04-Mar-2023 03:51:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+205; expires=Wed, 04-Sep-2024 03:51:07 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
104.21.86.10200 OK 0 B URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5
IP 104.21.86.10:0
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=e2f74eb89f0f0e540e4ff61fc9419bb5 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQsgVSJO0WdqiltxXr%2F9ypdjPHgx7nfzwNlLwRKOJVhGLym3wmMwIaFsQBQ2eJRaHyKQL%2F8EhgUVJyoDgIYvzyoUs5gztHcQKx9C7jr3lDzyLBWD40%2BX4ouqH%2BP%2BL%2BczXAaWZKk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745c0128fb01b4f4-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&subset=cyrillic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&subset=cyrillic
IP 142.250.74.10:0
GET /css?family=Oswald:300,400,500,600,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 03:51:06 GMT
date: Mon, 05 Sep 2022 03:51:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partnerforce.ru/widget/law/v4/js/loader.min.js
104.21.16.253200 OK 0 B URL HTTP/2 partnerforce.ru/widget/law/v4/js/loader.min.js
IP 104.21.16.253:0
GET /widget/law/v4/js/loader.min.js HTTP/1.1
Host: partnerforce.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 03:51:07 GMT
content-type: application/javascript
last-modified: Wed, 24 Jun 2020 16:48:18 GMT
etag: W/"5ef383d2-f6a9"
x-cache-skip: 100
cf-cache-status: HIT
age: 6707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FfIDRHWKk6mAmwSuXBJ%2BCZCuU9%2FuOiZyt9tSrxRHiDDWJ6il7p9xkaS7swcxbipJv3IyZAI7HVIi8vuPKKxUgvf7hS4MFeGeaky1V0fJQ6WNSk5eNfMvKW2gaL1UhIBFm4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745c01328aabb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=PT+Sans:regular,italic,700,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 03:51:06 GMT
date: Mon, 05 Sep 2022 03:51:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
104.21.86.10200 OK 0 B URL HTTP/1.1 kozbanov-lawyer.ru/widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53
IP 104.21.86.10:0
GET /widget/proxy.php?csurl=/form/two_page2/0.1/init.js?token=f6b37f6b5b5d0c2d5cfaa21139e80a53 HTTP/1.1
Host: kozbanov-lawyer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kozbanov-lawyer.ru/obrazec-dogovora-arendy-chasti-nezhilogo-pomeschenija-51992
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 03:51:06 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Cache: MISS
Cache-Control: max-age=60
Pragma: public
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
content-encoding: gzip
X-Cache-Status: BYPASS
X-Cache-Skip: 100
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SnjAmC3eWA%2F%2FTI%2F%2FG4EXmIikSYlQ3fiS7uT5bi%2FphlrnUb4NQfF188h8IkA3598pktf4HYu2wlSWwMOCKUSWhJNNfkf476n0MNQ7iAS9M%2BHW3ajZvBG5rsY19exLjtQjSRWMpE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745c0128fa181c0a-OSL
alt-svc: h2=":443"; ma=60