r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2222
Expires: Fri, 02 Dec 2022 17:08:04 GMT
Date: Fri, 02 Dec 2022 16:31:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5347
Cache-Control: max-age=156560
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:31:02 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:00:22 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 16:18:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 770
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4403
Expires: Fri, 02 Dec 2022 17:44:25 GMT
Date: Fri, 02 Dec 2022 16:31:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xvWrHl1pQqu6uzzxsIegjfsyXz5yBzUWTfdxGK3C72E3iR1AXfe0se8zmRqPjRb0I+lmQXzMPJo=
x-amz-request-id: NJWB34HVMFXSC1F8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 15:46:45 GMT
age: 2657
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 16:31:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
5.101.153.136301 Moved Permanently 0 B URL HTTP/1.1 www.rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
IP 5.101.153.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf HTTP/1.1
Host: www.rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=30
X-Powered-By: PHP/7.3.31
Set-Cookie: _sfs_id=3d861cd77180c05f1bd309f12c2741f71bbd9f78e84eaf11ec2335b00ad4133d1669998662; expires=Fri, 02-Dec-2022 17:31:02 GMT; Max-Age=3600; path=/; HttpOnly
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 16:08:57 GMT
cache-control: public,max-age=3600
age: 1326
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5339
Cache-Control: max-age=151490
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:31:03 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:35:53 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
5.101.153.136404 Not Found 127 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
IP 5.101.153.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6044), with CRLF, LF line terminators
Size 127 kB (126838 bytes)
Hash e23b75b78b9fce3da3c402e9bdf380ba
06ceadfcfe6390f6163f78c691268b48bd826977
43f7eab19f5183a4e54cfdd7395ad0069d78a241b082a6559bcc55359012261f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
X-Powered-By: PHP/7.3.31
Set-Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663; expires=Fri, 02-Dec-2022 17:31:03 GMT; Max-Age=3600; path=/; HttpOnly
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://rec39.ru/wp-json/>; rel="https://api.w.org/"
rec39.ru/wp-content/plugins/wp-recall/assets/css/core.css?ver=16.26.5
5.101.153.136200 OK 9.7 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/css/core.css?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with very long lines (330), with CRLF line terminators
Hash 50b0306a15115cf70b5d61645d767d42
dab7d58c6ce8a90f600900bc53c666c4ca216bba
14479a5de9b8e95169e30a70538f41aa740c0153af0104cb31086a68910b675f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/css/core.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-ce5c"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/css/animate-css/animate.min.css?ver=16.26.5
5.101.153.136200 OK 2.6 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/css/animate-css/animate.min.css?ver=16.26.5
IP 5.101.153.136:0
File type ASCII text, with very long lines (16755), with CRLF line terminators
Hash 9484a16ba12551f6a3ea9952f5be8a12
8bf8d3eaa85602d6bfc4f73151803ab1c89d1bd5
f4d041677373077f6254407b6258ee17290c5042269eae3c1d8ac9f5c267cafe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/css/animate-css/animate.min.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-4242"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.5
5.101.153.136200 OK 7.0 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.5
IP 5.101.153.136:0
File type ASCII text, with very long lines (34408), with no line terminators
Hash e865107d12b20969d461a3638a0e3ace
5b9e1a31c61954817233aebf72e0f0ce5f9b66bd
fa8f14bb7bedb7403706f8fa714db317e4a43c57310d5c77a322ceb35c5fb951
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-8668"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/css/users.css?ver=16.26.5
5.101.153.136200 OK 1.9 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/css/users.css?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash c97d528edf3421acbb3b0fce5545c865
85284b37c748e17d5db0d77932119102f97ba431
809c0160e0bf910176700a709e74576e4efe7f0313ce84c261d7cf218e9ff22f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/css/users.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-1ee8"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7
5.101.153.136200 OK 12 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7
IP 5.101.153.136:0
File type ASCII text, with very long lines (65371)
Hash 8aa6d8325b5ce94322bb3fd921f056ed
180cdfa6c966171ce9b34cbdb1d624498da56c47
5a9f23f67e30f17ef3b392bbe6cec645e3bbebf2014e0e09f297798771510f05
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.7 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:53:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e53-130fd"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/css/regform.css?ver=16.26.5
5.101.153.136200 OK 1.8 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/css/regform.css?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 10ac5826b672234fdcd12c153dfb7681
03113a472d1f7ba71f28fe15a85ff26fbb20e8ee
8bded06a6eec4bc5492180aab9bdc349a12da32dc873ce02e076dd01e216ee99
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/css/regform.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-1cf2"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/add-on/theme-sunshine/style.css?ver=16.26.5
5.101.153.136200 OK 2.3 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/add-on/theme-sunshine/style.css?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 071d89858444875261d29788af729874
4c6bc3566ab075e00cdb082055d5b51ba19c354a
feb335232cf85ba17abd4303f1bb01afa578e61ce6f3723239941766f13b6f40
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/add-on/theme-sunshine/style.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-262e"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/add-on/rcl-chat/style.css?ver=16.26.5
5.101.153.136200 OK 2.4 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/add-on/rcl-chat/style.css?ver=16.26.5
IP 5.101.153.136:0
File type ASCII text, with CRLF line terminators
Hash cee3cb178bf2a07a579626528031fa3f
2481a8b0cf3b3a5ed63dcd9ddea5655f2cfabc84
d8200f4662f27dcb28d7873548e3f0e59bc539e4a9c8d1743a2c7926ed63cd22
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/add-on/rcl-chat/style.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-342c"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/wp-recall/add-on/rcl-meter/style.css?ver=16.26.5
5.101.153.136200 OK 243 B URL HTTP/1.1 rec39.ru/wp-content/wp-recall/add-on/rcl-meter/style.css?ver=16.26.5
IP 5.101.153.136:0
File type ASCII text, with CRLF line terminators
Hash b5fdd2a7bd4b7e5ca412e56df4e3e6f6
a1aa450315c10229f6edc4577d8cee8b54ae12dc
885118916aa3d1a7e3c129b7355d8433b459f6387890a0c82f6d73721852f5ad
GET /wp-content/wp-recall/add-on/rcl-meter/style.css?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-231"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.7.1
5.101.153.136200 OK 20 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.7.1
IP 5.101.153.136:0
File type ASCII text, with very long lines (42477)
Hash c62c050d3ae6b57c6a5579a8e948048b
471f7b6e2af693f8db999798370d67cbba888881
6baa518f7c4588999bbc7b5f8d4400e1e3055e24afdd8cc05b437155456c7d59
GET /wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.7.1 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-11a48"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
5.101.153.136200 OK 2.2 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
IP 5.101.153.136:0
File type ASCII text, with very long lines (5092), with no line terminators
Hash fadb046ad02dc98892f8a102040a18ee
6fc3072fcbd94c7722145447bd3dc00f2458f8a6
926ee0e9d5a4ec3f859d7d49cf490a6a8f1694fef7df4bcc8de128123cf3eb9b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Sat, 14 Aug 2021 11:00:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6117a24c-13e4"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
5.101.153.136200 OK 46 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (65358)
Hash 52000e7e83255c0af07f7c6d60550e82
988ec420d08f9846f95b2656c019a957edc7837f
202d2d7facdf835dbfab68db43575ead0daa8bd83f5aede410610ba72797ad9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:50:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d95-76891"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/bootstrap.min.css?ver=6.5.4
5.101.153.136200 OK 3.0 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/bootstrap.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (19981)
Hash 37249fb8056f2b9e89a081a7d14e9183
cc60c8dd4b3dd6401b7da5ef3b7089c985120464
7f657e60ef04658517937b1f32bdab9e2d52d344059a984dd231b37efefc0dd9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/bootstrap.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-4ee6"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css?ver=6.5.4
5.101.153.136200 OK 320 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (867)
Hash afa24615e7ca028d1ad59136be587b84
3d2d33c09db9d51fd6ab119c7a56815a63638db3
0b5b40ffa3915e72243f9a3c245995b9c42d01eb71e9333d03be54a7a13fc96f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/widget-recent-post-comments.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-364"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/page-404.min.css?ver=6.5.4
5.101.153.136200 OK 350 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/page-404.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (684)
Hash 557ec2624fb294a93aed9c4271f4117c
c7cfa3b4d71d205185580ce25e5d8c5249c10911
44476c6cc0949ebd910b9686de78783eeeb5b9c9715ec248ab6bd2f2fd2aa418
GET /wp-content/themes/woodmart/css/parts/page-404.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-2ad"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/base.min.css?ver=6.5.4
5.101.153.136200 OK 10 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (47676)
Hash 5d584f5641b2b3b7ff1184130fe1e823
025c63373f88ed865a51feaefd12103b1569563f
100de050177a2fd6ba95b98d5212be9e478d74bf187cd7d9abcc101511b1c41a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-ba3d"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
push.services.mozilla.com/
52.39.62.124101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.62.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dfX1ChoI2yvKPFqMKIxCDw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YvNnuiK6zpDam7/yHfQWSMwdEMs=
rec39.ru/wp-content/themes/woodmart/css/parts/wp-gutenberg.min.css?ver=6.5.4
5.101.153.136200 OK 2.1 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/wp-gutenberg.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (9099)
Hash 3da90474edf26556944dd41d1f1e5431
104c924e7857f619aa7d2f07e1eb3151bd1d981f
f2531a5d0cf6700bd2a242e7934ef880a14f4e81d6be4d53d0e9ec7a2de4ca7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/wp-gutenberg.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d10-238c"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/base-deprecated.min.css?ver=6.5.4
5.101.153.136200 OK 454 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/base-deprecated.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1212)
Hash 7be1c48ec4ce07816195d1c04e076328
d9a1e1b5fafb1e12ad39765a037e1019586cf93a
e8233e5ffdf9b2c298c5570925590a03d3e2a8a9c6feebef1ef08d5940dc779f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/base-deprecated.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-4bd"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/int-rev-slider.min.css?ver=6.5.4
5.101.153.136200 OK 190 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/int-rev-slider.min.css?ver=6.5.4
IP 5.101.153.136:0
Hash 017e12c7003e08aa14fb09e800d6f316
ecdab606f0fc3fb0b878536bc83e5d3ab4de80cf
ce38d29c0ff8ef74f6ad4ad5a30126996d77383d667184d72281acec9157d1ba
GET /wp-content/themes/woodmart/css/parts/int-rev-slider.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-11d"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/int-wpb-base.min.css?ver=6.5.4
5.101.153.136200 OK 2.7 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/int-wpb-base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (14824)
Hash feafa05a6ad897cc3b5ab49b119864cb
99e1c9a5c61d56cd13bcc679aa9f8566bcd2a846
ccf7daaf602b24145e49fe36e7b15785f2d06625f1b8ec70215cf49285157883
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/int-wpb-base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-39e9"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/int-wpb-base-deprecated.min.css?ver=6.5.4
5.101.153.136200 OK 363 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/int-wpb-base-deprecated.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (833)
Hash d4f39220b8693432fe4bf3ee79fd2ab9
e481f523516c585d4ef1a0204be01d8fde52a4db
ef17e038be6ef9a4ecdc1ecb615ef39fcc9d2a45c487d69308aeff012fb90905
GET /wp-content/themes/woodmart/css/parts/int-wpb-base-deprecated.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-342"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/woo-opt-sticky-notices.min.css?ver=6.5.4
5.101.153.136200 OK 790 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/woo-opt-sticky-notices.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (3195)
Hash d8901aeaa3cdc1a044b15ef45b51496a
5990cd67d86b05ae6d9ed48d689ce63e5bea5e8f
805d3fb784953917db21205306438498b9fa717fe90596a272806779c121a46d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/woo-opt-sticky-notices.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d10-c7c"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/header-base.min.css?ver=6.5.4
5.101.153.136200 OK 2.5 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/header-base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (9951)
Hash 4585434c3d2e440e9ac1b7017ed3c0c7
c2f271bb4ea9a720ef47ab19613d555d6fd277a8
965351dd3ec4bacc9e4b58b24bfc9dc97862f7e85df166a23768ff0cd21d8cd1
GET /wp-content/themes/woodmart/css/parts/header-base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-26e0"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/mod-tools.min.css?ver=6.5.4
5.101.153.136200 OK 842 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/mod-tools.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (3678)
Hash 9cf576b30cfc071bfc5709d366dde07d
7c6b6f375a98b1e73d91fce665559f8d3e5417f9
145fe5d948315df02d52c08769d6af622ffc10b03ea2c93ecfb5f42319348af1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/mod-tools.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-e5f"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/el-list.min.css?ver=6.5.4
5.101.153.136200 OK 450 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/el-list.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1037)
Hash 612d97899d9ff457fb6d11b2dbf144b5
130777b4e2bea02cda9bd6c392c7767405c288e6
66584d65cdf2600ef23decb0a05b58ea9bff675340ea627e8d78064c3bdca264
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/el-list.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-40e"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/header-el-search.min.css?ver=6.5.4
5.101.153.136200 OK 349 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/header-el-search.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (883)
Hash b279aa85d965830a62b8301d0c825e6d
f1091bce365878e2974ae55bc5bce25e1ad21302
a47756b0bea5ff623ce24ca15032a87737aecb3240bd496a2907476c9690889b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/header-el-search.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-374"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/header-el-base.min.css?ver=6.5.4
5.101.153.136200 OK 813 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/header-el-base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2450)
Hash 82752f632708c893991daae012303fed
59e26ae20b3f1fd3933f0cd033338f495888dd73
8ea466e544b9b2bdf682164468fb68df2a67b3729f6c3f5a05bf757dc362698f
GET /wp-content/themes/woodmart/css/parts/header-el-base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0e-993"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/wd-search-form.min.css?ver=6.5.4
5.101.153.136200 OK 516 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/wd-search-form.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1264)
Hash 16c89a1b9b117dc4e6145d01b11a6835
a04737eccc7e0b8c72d629b34f1667f2fae01308
31fa67b763839b39db7bfce9701f5684b1d7676f59e878dc94e3a699bdb159d2
GET /wp-content/themes/woodmart/css/parts/wd-search-form.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-4f1"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css?ver=6.5.4
5.101.153.136200 OK 933 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2777)
Hash 176717d401bdcb536e82cce66f1520a6
cd95d013fc19bee225266649b43f5c80d58644ee
00902b70b2e48162854e680b781d0cc7a816054c95ec833953db770ed2ef69ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/lib-magnific-popup.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-ada"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/el-info-box.min.css?ver=6.5.4
5.101.153.136200 OK 1.4 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/el-info-box.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (5590)
Hash 00be5d8e04c79e92e6c8fb8bde87aa8a
31eb412e71c5d0d283ff68889d6d90ce105d81e2
127d2ae6312baf7eb076054d1c8414e6e496aea843b067b0d6846e7dbeb0af3d
GET /wp-content/themes/woodmart/css/parts/el-info-box.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-15d7"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/page-title.min.css?ver=6.5.4
5.101.153.136200 OK 263 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/page-title.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (564)
Hash bc72f475ef050efd38ba9e805efce46e
882282ba646fd8de832ebe7c4a9da224dfa47fbf
3338ea75efd6f61c160ac7c923695d7f288304b44cdbd3bf31092fb385600766
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/page-title.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-235"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/footer-base.min.css?ver=6.5.4
5.101.153.136200 OK 445 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/footer-base.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1137)
Hash 68649c8e64deb38f29c07a9a04a3af19
7bad5f9f70e73dd5a24b3915a7eaf488f802f933
0ff737f0d1a7d4acbcd4a9f7a50ba659b765f06ddfb4c9778a9851d9e48e5678
GET /wp-content/themes/woodmart/css/parts/footer-base.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0d-472"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/uploads/2022/09/xts-default_header-1664374368.css?ver=6.5.4
5.101.153.136200 OK 382 B URL HTTP/1.1 rec39.ru/wp-content/uploads/2022/09/xts-default_header-1664374368.css?ver=6.5.4
IP 5.101.153.136:0
Hash e8537ac8626cfc1ec17135f61cda484e
364096976d968ea81020002eb43e59324692a669
41f8d293434ddac7ff04d3530bac9ff9cd599fec4a0cc14fb24d07c97247c449
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/09/xts-default_header-1664374368.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Sep 2022 14:12:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"63345660-569"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css?ver=6.5.4
5.101.153.136200 OK 434 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (773)
Hash 0b710f6af5c860da06fcbe46424dc9f3
da587ca05a10813d23be662820c4aaf98e019c8d
9f8b23eb27ad512992f73eb5cde8604f52adb4076dd3c940fd8026b527cefd15
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/css/parts/opt-scrolltotop.min.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:48:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d0f-306"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/uploads/2022/09/xts-theme_settings_default-1664375034.css?ver=6.5.4
5.101.153.136200 OK 1.7 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2022/09/xts-theme_settings_default-1664375034.css?ver=6.5.4
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 8e348efc2b1e8a854205791ed934b410
05fb3c40cc12474ddade4f4993387f66101e2d2d
996696c6e89d3b74c22926f2e9656a7cc533de1050966d304816a9e81146a8d4
GET /wp-content/uploads/2022/09/xts-theme_settings_default-1664375034.css?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Sep 2022 14:23:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"633458fa-15db"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
5.101.153.136200 OK 4.2 kB URL HTTP/1.1 rec39.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 5.101.153.136:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Sat, 14 Aug 2021 10:59:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6117a208-2bd8"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/js/scripts.js?ver=16.26.5
5.101.153.136200 OK 3.5 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/js/scripts.js?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash e86d348c1f7b6ac51dd25242c0ec84b9
07a3ad28ade22161908de1cde8def51d2853052e
2f4bf97811488105ba6f7fad4fafa79d73d5e614eb0220bc9dd9f220211ebfda
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/js/scripts.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-41f6"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/add-on/rcl-chat/js/scripts.js?ver=16.26.5
5.101.153.136200 OK 3.2 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/add-on/rcl-chat/js/scripts.js?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 171f19851ef89505a28e02647a809af7
a45911f72fc992c10f67a15a2a5f3b40acd97829
b0817c990af22558fab8f1509f0ccf879842a20bf52bbebda777b73f3f3f6146
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/add-on/rcl-chat/js/scripts.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:03 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-3b3a"
Expires: Fri, 09 Dec 2022 16:31:03 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/wp-recall/assets/js/core.js?ver=16.26.5
5.101.153.136200 OK 11 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/js/core.js?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a13586477b6512367a26846d91b38241
22515a5c6cc63390d1b451b0564d6f1ee2f01992
b04284f21fd28c0830c74cf96c13105c53d2e9b16691c670ddef555cf64ca650
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-recall/assets/js/core.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e68-c285"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/wp-recall/add-on/rcl-meter/script.js?ver=16.26.5
5.101.153.136200 OK 683 B URL HTTP/1.1 rec39.ru/wp-content/wp-recall/add-on/rcl-meter/script.js?ver=16.26.5
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 1b4f75991e3aa9fe8e58804eefeac63a
9c83183b48fbc4e7dfe2559e11a82ce309db8de2
f3ffa99c00e473566dc2a1a9f8adc2a0009da64057e936bbb91c9c0f391f292c
GET /wp-content/wp-recall/add-on/rcl-meter/script.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-85c"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/wp-recall/add-on/types-profile/js/scripts.js?ver=16.26.5
5.101.153.136200 OK 375 B URL HTTP/1.1 rec39.ru/wp-content/wp-recall/add-on/types-profile/js/scripts.js?ver=16.26.5
IP 5.101.153.136:0
Hash a0e63e379a709fa19a8b7856c8aa90ad
b7d3d86af78fb18ba36a98fa415a6b57af66c938
1e088b75082bd0d7fbecd4bc49a697bfed84ee7046906802c9e6f8a336079601
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/wp-recall/add-on/types-profile/js/scripts.js?ver=16.26.5 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-4a4"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0
5.101.153.136200 OK 4.3 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (34217)
Hash d1d42379d4a36c5f8a9bc16a89820fc5
ce05f997d3d48167bf92c5f5b3b47b8fe91a792c
2dbed6fc600b202f49ffcd8b3365b596b82572c4cd3919ed12c35d53b2a7928f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:50:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d96-865f"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
5.101.153.136200 OK 31 kB URL HTTP/1.1 rec39.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (65447)
Hash 7a6e4a1e4a67fac0cd39ca1dd1982f47
a8bf880e5db17a703293d5a3c92623a97d5a1df1
daf4bcb15594deb268cc05f030ccaf8dfe4acab417758dd16a6f3b2d86d2908f
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Sat, 14 Aug 2021 10:59:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6117a208-15db1"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
5.101.153.136200 OK 12 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (56243)
Hash f771dbdd9681b64d656183eb350dc09e
efc6709e6cec4368c4988d4c620b0dc48803c21c
aafcb9e5e135f0f640629553d25afa9fc37720fa56aa4500806a0371bf3f513d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:50:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d96-dc69"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/libs/device.min.js?ver=6.5.4
5.101.153.136200 OK 1.2 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/libs/device.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (3151), with no line terminators
Hash 2267d8acacaecf7867f8d38b1949d93e
1b94638a5917b6608384be96c1dc78d5060557af
97cba6ce5e73962896583d51887a3b54d6efeebe04f8d402a593e451989e49de
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/libs/device.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d12-c4f"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=6.3.303
5.101.153.136200 OK 18 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=6.3.303
IP 5.101.153.136:0
File type ASCII text, with very long lines (65312), with CRLF line terminators
Hash 804359452a1ef91474c2d089a008ab96
1c72950f5891764b3df11d0081ce8a8340995549
0382ac6e311b26effef2fa8e8bd3b90cc3dd328c10637f2d8ec7f18aaa5e2bfa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=6.3.303 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74ae2-15c89"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.15
5.101.153.136200 OK 12 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.15
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 962158aabd558aac1a1baf0d7f3f477c
94347e9ff810c42a7c177655dd7f4b3dd0017f38
750e1901fd9ee9fe3a2093a7911d1119c552f151dbfd4db6b2836e9eebb8c273
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.15 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: text/css
Last-Modified: Thu, 03 Feb 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61fbb8d5-e168"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7
5.101.153.136200 OK 6.7 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7
IP 5.101.153.136:0
File type ASCII text, with very long lines (12198), with CRLF line terminators
Hash 10d768f8f12adcdeceddb54303dd283b
8d23a348de31d7338d6b22951a33ffb64c90f537
11d69f24d8cc25e88c432214dee653a3ccecacc23f6702cfa9c5654f3922ae80
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.7 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:53:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74e53-5b20"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=6.3.303
5.101.153.136200 OK 22 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=6.3.303
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with very long lines (367), with CRLF line terminators
Hash e3bfcafd207fcd38b40d69d60fd87d63
9721212911513976032cd0533d7ab3eae6f2990c
e5f364019e471e3ffac845986e0190fec9ec061cf8b9d69341e5b6f475179ea6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=6.3.303 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74ae2-37d7d"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.15
5.101.153.136200 OK 49 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.15
IP 5.101.153.136:0
File type ASCII text, with very long lines (45108)
Hash 76cc5ab7ff972e06e1796a9f458fb772
ef6d2420735a5587cee8957589bb2c6848ea8610
9144d244895706574d3e0755ec970ae01e80a7157c5a13dd4465591b0d2b883c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.15 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 03 Feb 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61fbb8d5-1f69c"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/libs/cookie.min.js?ver=6.5.4
5.101.153.136200 OK 865 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/libs/cookie.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1668), with no line terminators
Hash 07f8234563435e91169452af4ef95f6f
6dbda7ef1cc42022a4b09fd091ddfe4bdaccb3e2
5df04af23b2ffce7e96a5421f58f3b974f7113f16547ba4849f3ff6d3d855eb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/libs/cookie.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d12-684"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.7.1
5.101.153.136200 OK 46 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.7.1
IP 5.101.153.136:0
File type Unicode text, UTF-8 text, with very long lines (32126), with CRLF line terminators
Hash 63bcc734ebbff5d2e86b7a1b1b08c016
bfa28d4546ce5b3f520dd3bcd7555dd469294286
4f73e8b1819cc652dc8600eea8c440eaae2b9b0a8912f9a19f1184b407100c2b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.7.1 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 13 Aug 2021 13:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61167276-2748c"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
5.101.153.136200 OK 5.7 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP 5.101.153.136:0
File type ASCII text, with very long lines (20096)
Hash 6a46964d8aaeced5805cfb291866d890
4111db3ee9237bc00bfbc3226c5e1c159797f745
3113f8b9c24fbe5a7d312fe8dade72688778ff4d5c2a71cda8e22381938d3493
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:50:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d95-4f5b"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.15
5.101.153.136200 OK 101 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.15
IP 5.101.153.136:0
File type ASCII text, with very long lines (64288)
Size 101 kB (100571 bytes)
Hash 4ddb3e577965b5074ccd22e3d8662926
6f546caf599e6e5a33da0d623b470d8db8887301
9170f4312da3bdb84842542a42e03d99dba15dc4a6cf7b50db75bce790f7079b
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.15 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 03 Feb 2022 11:13:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"61fbb8d5-5e26c"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/wc/woocommerceNotices.min.js?ver=6.5.4
5.101.153.136200 OK 286 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/wc/woocommerceNotices.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (485), with no line terminators
Hash 1391fd419273db97dd4c0cfc30f2ec42
4803b49c9e834c1aecd0633fd72157c9cd9d746c
ba55588fa2cbb96ff100f4087951954ac36dc472a1a2508c1eb4afec18c0d67f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/wc/woocommerceNotices.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-1e5"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/global/helpers.min.js?ver=6.5.4
5.101.153.136200 OK 1.7 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/global/helpers.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (5154), with no line terminators
Hash 87a559e00f65e8b2eaba6eae9fe5a683
4d44420a21fe58e4a2f6e36c90355793b8fba763
de65ccaf693a96cbbdbac13f99c4c051483a04ac1c5dd999ea7bec7f11978846
GET /wp-content/themes/woodmart/js/scripts/global/helpers.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-1422"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/global/scrollBar.min.js?ver=6.5.4
5.101.153.136200 OK 154 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/global/scrollBar.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with no line terminators
Hash 706e2eb2b3f3065ac1ed5f3e1ae93edb
94ce3a8b8db5167e14dfaf2319379e4f509f7f9a
f571fab264a01990e84844c89557463d04746a2e05de7d8801ff0295b9700216
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/global/scrollBar.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-d7"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/header/headerBuilder.min.js?ver=6.5.4
5.101.153.136200 OK 930 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/header/headerBuilder.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2331), with no line terminators
Hash c07ac6394547a5ed0c56b3d6071e2d94
7a0b66028034d29b3002acc0e9eaebd5fb4f648c
c022cfabebf0677f99dec0882047b085b390ebd0a5f36a04b3b575739045101e
GET /wp-content/themes/woodmart/js/scripts/header/headerBuilder.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-91b"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/menu/menuOffsets.min.js?ver=6.5.4
5.101.153.136200 OK 895 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/menu/menuOffsets.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2576), with no line terminators
Hash 2a59a5c970960ed7ac64e413d3a79a1e
bd2ff72e9039886a5858938752551101d90a6565
d34a21265012f42ce9d8f7896e99614b1a220f563be5d56929da6da4406e088c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/menu/menuOffsets.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-a10"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rec39.ru/wp-content/themes/woodmart/js/scripts/elements/contentPopup.min.js?ver=6.5.4
5.101.153.136200 OK 367 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/elements/contentPopup.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (726), with no line terminators
Hash 69072a9579bd572db2a2e1e70b159e38
c45437dabaa3e182a3d0da669707d42e8e5950d8
a2e852c20a3fb64f3562c8e3ff350c83a05a98465833057bfa5e65741344d8c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/elements/contentPopup.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-2d6"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/libs/magnific-popup.min.js?ver=6.5.4
5.101.153.136200 OK 7.5 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/libs/magnific-popup.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (20636), with no line terminators
Hash 9aa529ee4e656d1ac9e64e0a02bfcb52
f1ff04af4984fda176a0afdd0e5c6104d22cf512
bd606ea8d6d691e495a4df98ba6016904fb1a919bbf43ceef88f0698f35dd45e
GET /wp-content/themes/woodmart/js/libs/magnific-popup.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-509c"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/menu/menuSetUp.min.js?ver=6.5.4
5.101.153.136200 OK 545 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/menu/menuSetUp.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (1357), with no line terminators
Hash f64bf403c598eced3b1464cc523d63bc
8e59d3285e7b4a95ac0dd822d470691fba4d30f9
08798c3dc01aadb78662c8fdeb12763d44d8da8bff217db5fe1208c7201d493b
GET /wp-content/themes/woodmart/js/scripts/menu/menuSetUp.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-54d"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=6.3.303
5.101.153.136200 OK 28 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=6.3.303
IP 5.101.153.136:0
File type ASCII text, with CRLF line terminators
Hash 0e93c87f09d13d1a4219d32a8d2026dc
4952fd505fd599a1d3d23be05be983c2d4be7425
b2bc7a1af42e899e2ca811e131ce3cb67b45ea210df7d3b623153c273a1a5d5c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=6.3.303 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74ae2-29566"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/menu/mobileNavigation.min.js?ver=6.5.4
5.101.153.136200 OK 622 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/menu/mobileNavigation.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (2083), with no line terminators
Hash c93b07255b1dd5668804a10bb897108f
72f9f0826003d6565bd326944ef263e02b7e86fc
da762e24ab36db97891031f37de00346d0917def1688b9cf905e6d755c030772
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/menu/mobileNavigation.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-823"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/themes/woodmart/js/scripts/global/scrollTop.min.js?ver=6.5.4
5.101.153.136200 OK 225 B URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/js/scripts/global/scrollTop.min.js?ver=6.5.4
IP 5.101.153.136:0
File type ASCII text, with very long lines (362), with no line terminators
Hash e15343da35239fcd1f62cc3c40515eef
d30820c10f45ad0010ab1901cb5e39e0a5ca1433
02752e1054c42247e562320beba57f584deb5a7b88bef3a34a73169e8e4aa189
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/js/scripts/global/scrollTop.min.js?ver=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:48:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74d13-16a"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
rec39.ru/wp-content/uploads/2020/03/icon24-50x52.png
5.101.153.136200 OK 2.0 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/icon24-50x52.png
IP 5.101.153.136:0
File type PNG image data, 50 x 52, 8-bit colormap, non-interlaced\012- data
Hash 09cdb0e033207ce63027cdfbaba79482
fe21bde299fb6cb9265274950c1b78d670c9cd70
e1cdd0abaac360b84fda01b26c96cee40c7041944d93e3589441df708a3d48e9
GET /wp-content/uploads/2020/03/icon24-50x52.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: image/png
Content-Length: 1996
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-7cc"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/uploads/2020/05/rjek-logo1.jpg
5.101.153.136200 OK 47 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/05/rjek-logo1.jpg
IP 5.101.153.136:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=2557, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2045], baseline, precision 8, 350x128, components 3\012- data
Hash 582b910477d5a94e7894b12ca0c7f798
ed2c1be4e5c82215971621116d824f733e72e835
f47c2beacfbf3206e19303157693ce4083dd98cb45c032bee120bc006c0c0f1c
GET /wp-content/uploads/2020/05/rjek-logo1.jpg HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: image/jpeg
Content-Length: 47010
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-b7a2"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/uploads/2020/03/logo-1.png
5.101.153.136200 OK 26 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/logo-1.png
IP 5.101.153.136:0
File type PNG image data, 91 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash ff17c742867a6408d5f651879dfc2615
b76233e9129154a3cf710d8dcce5c7628b5f2641
6e54ebc68da5549befe9c7debeb0758d865a89bf257b6f931816aa66784636c0
GET /wp-content/uploads/2020/03/logo-1.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: image/png
Content-Length: 26427
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-673b"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/uploads/2020/03/icon21-50x58.png
5.101.153.136200 OK 2.4 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/icon21-50x58.png
IP 5.101.153.136:0
File type PNG image data, 50 x 58, 8-bit colormap, non-interlaced\012- data
Hash a499f4f0cfbd7bb0178ecec44356717d
d08feb0bafc9c00640666c8042a7a01ea02e5e77
5e15d2035ac574354bfe27440472e417cba1eb067cd0a394ad80d31addc3f5b7
GET /wp-content/uploads/2020/03/icon21-50x58.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: image/png
Content-Length: 2364
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-93c"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/uploads/2020/03/icon22-50x52.png
5.101.153.136200 OK 2.5 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/icon22-50x52.png
IP 5.101.153.136:0
File type PNG image data, 50 x 52, 8-bit colormap, non-interlaced\012- data
Hash da9f48b38b6f640c1e9e9cfb53341d21
b60416a414394292ef73a7eb0581e2d561561781
d4aac32d52d0c466480dd57d30aee3d0817bac6ee39cc2491b6b5e2ae8313a76
GET /wp-content/uploads/2020/03/icon22-50x52.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: image/png
Content-Length: 2509
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-9cd"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/webfonts/fa-solid-900.woff2
5.101.153.136200 OK 127 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/webfonts/fa-solid-900.woff2
IP 5.101.153.136:0
File type Web Open Font Format (Version 2), TrueType, length 126828, version 768.256\012- data
Size 127 kB (126828 bytes)
Hash 297973a488f688271dd223d542ba2697
ed99d812e4c88826335f93acede3fad85c90fb54
1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/assets/css/fonts/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=6.3.303
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/font-woff2
Content-Length: 126828
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "62e74ae2-1ef6c"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rec39.ru/wp-content/themes/woodmart/fonts/woodmart-font.woff2?v=6.5.4
5.101.153.136200 OK 11 kB URL HTTP/1.1 rec39.ru/wp-content/themes/woodmart/fonts/woodmart-font.woff2?v=6.5.4
IP 5.101.153.136:0
File type Web Open Font Format (Version 2), TrueType, length 11396, version 1.0\012- data
Hash 37505bf12902a69617491988202195e8
de14a255eec4a0f8a7bcb5f147f034717fd5100c
f98a41cc9cdb7fd6f0881d22c6c94affe2c56ebb88b6da8cbda057e6dc87160a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/woodmart/fonts/woodmart-font.woff2?v=6.5.4 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rec39.ru/wp-content/uploads/2022/09/xts-theme_settings_default-1664375034.css?ver=6.5.4
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/font-woff2
Content-Length: 11396
Last-Modified: Mon, 01 Aug 2022 03:48:32 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "62e74d10-2c84"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rec39.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 337103
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/rcl-awesome.woff2?7jdlrg
5.101.153.136200 OK 82 kB URL HTTP/1.1 rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/rcl-awesome.woff2?7jdlrg
IP 5.101.153.136:0
File type Web Open Font Format (Version 2), TrueType, length 81956, version 1.0\012- data
Hash 13e75de776e38401894a7cf7e3023e6e
8783423a4e01c58625e02747d7b1f08f576cf378
bc5c1ffb80e8c6b709daf7cd8f06a977335f3a35f90332e9bd9a5e605717ccfe
GET /wp-content/plugins/wp-recall/assets/rcl-awesome/fonts/rcl-awesome.woff2?7jdlrg HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/wp-recall/assets/rcl-awesome/rcl-awesome.min.css?ver=16.26.5
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/font-woff2
Content-Length: 81956
Last-Modified: Mon, 01 Aug 2022 03:54:16 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "62e74e68-14024"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.227200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rec39.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:38 GMT
expires: Wed, 29 Nov 2023 15:42:38 GMT
cache-control: public, max-age=31536000
age: 262106
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rec39.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 22:37:35 GMT
expires: Sun, 26 Nov 2023 22:37:35 GMT
cache-control: public, max-age=31536000
age: 496409
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29928, version 1.0\012- data
Hash 609bea65e2bf8ee9b728a85a8f1b282c
a0d2fbcf012e6554fb8cb182994ec8eb744ab65d
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rec39.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:36:13 GMT
expires: Thu, 30 Nov 2023 19:36:13 GMT
cache-control: public, max-age=31536000
age: 161691
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
216.58.207.227200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26240, version 1.0\012- data
Hash 4a90976686fcbd8296c7d7fccc04c273
bcb82e93ac7ad1fa2af6a37009a200f79f4cb4e5
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rec39.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:56:02 GMT
expires: Tue, 28 Nov 2023 18:56:02 GMT
cache-control: public, max-age=31536000
age: 336902
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rec39.ru/wp-content/uploads/2020/03/icon231.png
5.101.153.136200 OK 3.7 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2020/03/icon231.png
IP 5.101.153.136:0
File type PNG image data, 54 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 8bea507841c6d9073757b7ebd200e1c7
31d13e2fea7452b028e941bd075b69b39f91d20e
8009a0f04c3dca8e8f0a510286122c8add0400ef8151b4fe8a518910e18a881d
GET /wp-content/uploads/2020/03/icon231.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: image/png
Content-Length: 3703
Last-Modified: Fri, 13 Aug 2021 13:24:07 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "61167277-e77"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
rec39.ru/wp-content/uploads/2021/08/re.png
5.101.153.136200 OK 9.7 kB URL HTTP/1.1 rec39.ru/wp-content/uploads/2021/08/re.png
IP 5.101.153.136:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 515ca37ae87342ad9da9b474fa737854
6962330afa1e914a074e2ec3583e6c2f02bb4a79
fc4c09022e18286a3575a8ab00cba38417a1af883304ac1bffe99c8654345db2
GET /wp-content/uploads/2021/08/re.png HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: image/png
Content-Length: 9740
Last-Modified: Sun, 15 Aug 2021 08:05:39 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "6118cad3-260c"
Expires: Sun, 01 Jan 2023 16:31:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4658
Expires: Fri, 02 Dec 2022 17:48:43 GMT
Date: Fri, 02 Dec 2022 16:31:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPuZoyOu_QAqbZvTUaNy1J3BOqnR2ttrIhv9BwRmWnKeba-e6MZWKA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:55:34 GMT
age: 66931
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 37817
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 40250
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 10:51:17 GMT
age: 20388
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 67172
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 67334
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CPT+Sans%3A400%2C700&ver=6.5.4
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CPT+Sans%3A400%2C700&ver=6.5.4
IP 142.250.74.106:0
GET /css?family=Open+Sans%3A400%2C600%7CPT+Sans%3A400%2C700&ver=6.5.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rec39.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 16:31:04 GMT
date: Fri, 02 Dec 2022 16:31:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rec39.ru/wp-content/plugins/super-forms/assets/js/common.js?ver=6.3.303
5.101.153.136200 OK 0 B URL HTTP/1.1 rec39.ru/wp-content/plugins/super-forms/assets/js/common.js?ver=6.3.303
IP 5.101.153.136:0
GET /wp-content/plugins/super-forms/assets/js/common.js?ver=6.3.303 HTTP/1.1
Host: rec39.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rec39.ru/wp-content/plugins/super-forms/uploads/php/files/970c3258206e49fc63bcb2b14515cd0b/47804910619.pdf
Cookie: _sfs_id=0b25bfed553187313f653cd81cdf300f7e17395740dc95083802c4c24bf973991669998663
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Fri, 02 Dec 2022 16:31:04 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 01 Aug 2022 03:39:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"62e74ae2-6dba6"
Expires: Fri, 09 Dec 2022 16:31:04 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip