r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2682
Expires: Sat, 12 Nov 2022 21:29:12 GMT
Date: Sat, 12 Nov 2022 20:44:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6490
Cache-Control: max-age=142495
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:30 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 12:19:25 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 20:44:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 27
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6013
Expires: Sat, 12 Nov 2022 22:24:43 GMT
Date: Sat, 12 Nov 2022 20:44:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1OcQnhQ4lWt2jeEtNvE7DAG2Ou2VqwqqsBa+H+lOds6r/TCPTFRwSIV5BlicXe6K/kmNa4/2rGs=
x-amz-request-id: S67SM0TQ48BA692R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 19:50:24 GMT
age: 3246
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 20:44:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
margaritalevina.com.xsph.ru/
141.8.197.42 200 OK 20 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (45439)
Hash 9faaf205035808950b958e7119a2b1f2
d0a119fb046dea9e3253c1f87a2f4924df415ff9
6f3445ae1a2e5b1d7c063bb88007e0ffe43504e1d3312a47ed5d6025398ca997
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <http://margaritalevina.com/wp-json/>; rel="https://api.w.org/", <http://margaritalevina.com/wp-json/wp/v2/pages/20>; rel="alternate"; type="application/json", <http://margaritalevina.com/>; rel=shortlink
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=UA-67868663-1
142.250.74.168 302 Found 254 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=UA-67868663-1
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5227ee229345c432f709485945865f7f
aa1ba514910d4a871afbff1b764c6f93695acb3b
76cbf9fa6d3bc9d7ea589215ff15f769dcc534c6e9c97152c4cc2b6b4e86344f
GET /gtag/js?id=UA-67868663-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=UA-67868663-1
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 12 Nov 2022 20:44:30 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 254
X-XSS-Protection: 0
fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C400%2C400i%2C500%2C700%2C700i&subset=latin-ext&ver=1
142.250.74.10 200 OK 535 B URL HTTP/1.1 fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C400%2C400i%2C500%2C700%2C700i&subset=latin-ext&ver=1
IP 142.250.74.10:0
Hash d0c97c4208db4014420de480c58602f0
b21c68504ff5dcc1a83f44c0f8fb4bbe8889b83e
3a69137f7ea98607c8166df15ac54067aa45b488e943f1d4877ec4405ce3a037
GET /css?family=Libre+Franklin%3A300%2C400%2C400i%2C500%2C700%2C700i&subset=latin-ext&ver=1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 12 Nov 2022 20:44:30 GMT
Date: Sat, 12 Nov 2022 20:44:30 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
margaritalevina.com.xsph.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11
141.8.197.42 200 OK 54 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (27100)
Hash 2e7e1d1c1d4d446a1b6b63295757d859
27a1d9dcbdc4aff486016b5c9f3ece6ad0c028c1
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.11 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:30 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
141.8.197.42 200 OK 2.0 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type Unicode text, UTF-8 text, with very long lines (1949), with no line terminators
Hash 8d8515ec154abcd67dd7889db826aaca
8fe081bfd5c863bf27176f07f49b0f43b0660908
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5
141.8.197.42 200 OK 81 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with CRLF, CR line terminators
Hash cb1543207e30e334db5e3e742bd1893a
bcde3a367f2f2c4637b4cb82551965b6a91c71bb
edaa3dff3f45cdad5d62fb8cbd1b68a419f4fdb0189ccb93039f06b501c0b15d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:30 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/themes/hamilton/style.css?ver=5.5.11
141.8.197.42 200 OK 50 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/themes/hamilton/style.css?ver=5.5.11
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type Unicode text, UTF-8 text, with very long lines (536)
Hash 167fb131a5c116ee90d5b0b919e6736d
814a0019cd0cccb93051d515ce1ce3f4aef039b6
23d783227f0b16471a29a3c3f0bb7dbdf17e67615735c1af53d663b9b55c30db
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hamilton/style.css?ver=5.5.11 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:30 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
141.8.197.42 200 OK 10 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0
141.8.197.42 200 OK 12 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (1571)
Hash 45f98dec2f0965e8e879f2c7a1f4e996
8187dccc170f82df78e9be302e5ab49e024d4d34
23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/css/envira.css?ver=1.8.4.6
141.8.197.42 200 OK 22 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/css/envira.css?ver=1.8.4.6
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (22194), with no line terminators
Hash a89bfaa59ad49e4640a8c9e9bcee5511
b36a5c55fa8bf959b29e663f01a0d1c895a5115f
14147d89a7deeff5cdb9f284ff4ecfcc28ce5f21c0fac68ab33e5209face536a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/envira-gallery-lite/assets/css/envira.css?ver=1.8.4.6 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/css/responsivelyLazy.css?ver=1.8.4.6
141.8.197.42 200 OK 1.2 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/css/responsivelyLazy.css?ver=1.8.4.6
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
Hash fd9ff76bfd3269c1e830187e97eb4286
ac48b3d4ea53ac982b218593afa8551f52920411
2f677defbbda27f9593474bed25e194f945c80fefbd57969e02be8ff298d4212
GET /wp-content/plugins/envira-gallery-lite/assets/css/responsivelyLazy.css?ver=1.8.4.6 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/css/fancybox.css?ver=1.8.4.6
141.8.197.42 200 OK 8.7 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/css/fancybox.css?ver=1.8.4.6
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
Hash e791dbf5800308a66c089fa64336581f
e0c32465867ce7a7c039529a2dd60cc6ce89f41c
3f1cb3f78687e09b3003f3ea509b919cce3a0cf5f27ef2f2a05b7ad5d0c89e80
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/envira-gallery-lite/assets/css/fancybox.css?ver=1.8.4.6 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
141.8.197.42 200 OK 97 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/css/justifiedGallery.css?ver=1.8.4.6
141.8.197.42 200 OK 5.3 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/css/justifiedGallery.css?ver=1.8.4.6
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (2858)
Hash c2abd9075591e73be3cdccd134936ec2
ca17323f05ffee5ea930967953d38e47b43bd79d
74e02388ba7df4dfaf4828e2d9d0432f1cd2bc6a1dcd1776bfc3b36b7d872a60
GET /wp-content/plugins/envira-gallery-lite/assets/css/justifiedGallery.css?ver=1.8.4.6 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6
141.8.197.42 200 OK 14 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (14508), with no line terminators
Hash c4f1d6f0dbebf735ac37479b3c082c63
30659e6fd4c2d3fb16e3503e2caaa9701f12f9a3
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400
GET /wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 19:44:48 GMT
cache-control: public,max-age=3600
age: 3583
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=5.5.11
141.8.197.42 200 OK 3.1 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=5.5.11
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type HTML document, ASCII text, with very long lines (2861), with CRLF, CR line terminators
Hash 0bd6cb4fbf6f16f1fc46934cd8515f3c
37360c9391c47e9d7b0460bf1fdfc8c380404c4f
29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=5.5.11 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=5.5.11
141.8.197.42 200 OK 12 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=5.5.11
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (11484), with no line terminators
Hash 2b01351f36285d266938cfb15ae487a4
643579a331557dedc16ed0bceb1c7780368b9a52
4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=5.5.11 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.googletagmanager.com/gtag/js?id=UA-67868663-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-67868663-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 34af4434e457cda41851cccd0119b299
633141410f6955c9c1f44f1b74a4d65a6e97874f
1467eecfba6008500cc4fb46b6e35e19622fffea6ed0fee0c8a761c69142124e
GET /gtag/js?id=UA-67868663-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 20:44:31 GMT
expires: Sat, 12 Nov 2022 20:44:31 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
margaritalevina.com.xsph.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
141.8.197.42 200 OK 3.9 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (3704)
Hash e6784d91bf2c668bc4093063c5b15113
687e1d2e957a821280dbd205ae66182f16dfdc30
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5
141.8.197.42 200 OK 30 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type Unicode text, UTF-8 text, with very long lines (827), with CRLF line terminators
Hash 56315bc34593cfb648f4f7f33a9159f4
656d6353c3e8f7e008cfe739f6f4de5fec5cec3b
cb47b561f47e3d106d419bdd7721a3a26a00c36e20ce6f1bfa3c6d13cdb8c76f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-includes/js/imagesloaded.min.js?ver=4.1.4
141.8.197.42 200 OK 5.6 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-includes/js/masonry.min.js?ver=4.2.2
141.8.197.42 200 OK 24 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-includes/js/masonry.min.js?ver=4.2.2
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (23966)
Hash 3b3fc826e58fc554108e4a651c9c7848
76778fd446e2ff2377588a7b4ac4d79f258427c9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/themes/hamilton/assets/js/global.js?ver=5.5.11
141.8.197.42 200 OK 5.6 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/themes/hamilton/assets/js/global.js?ver=5.5.11
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
Hash 6eddcbafc1ddd91a48e2d001f1bc52b8
c79e5f94fe0e3fb8309d5164c9b6a831f908d3fb
b67c80bd86530c44d402be77543d996d92a6931b7ef5537b7b7bf125debee1bb
GET /wp-content/themes/hamilton/assets/js/global.js?ver=5.5.11 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
margaritalevina.com.xsph.ru/wp-includes/js/wp-embed.min.js?ver=5.5.11
141.8.197.42 200 OK 1.4 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-includes/js/wp-embed.min.js?ver=5.5.11
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (1391)
Hash 905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.5.11 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
fonts.gstatic.com/s/pontanosans/v13/qFdD35GdgYR8EzR6oBLDHa3axT8N.woff2
216.58.207.195 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/pontanosans/v13/qFdD35GdgYR8EzR6oBLDHa3axT8N.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22620, version 1.0\012- data
Hash 1b3ae449b6aa6b5ecacc292a7c3b8406
ffe461c2fe45f3fba917c9acaf31d73de0fdb0b9
1e8a9c58f1a09aec761568ab9c851abb6b9d7e0348dd165dbeff49512d604b33
GET /s/pontanosans/v13/qFdD35GdgYR8EzR6oBLDHa3axT8N.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://margaritalevina.com.xsph.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 00:28:53 GMT
expires: Fri, 10 Nov 2023 00:28:53 GMT
cache-control: public, max-age=31536000
age: 245738
last-modified: Wed, 27 Apr 2022 16:17:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3620
Cache-Control: max-age=134561
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:07:12 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
margaritalevina.com.xsph.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11
141.8.197.42 200 OK 14 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (11272)
Hash 878184c5d285d4d52d926d36ef19b718
dd260ffe0f8e3f38f58efd23cac8a1e5c788dad9
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.11 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
margaritalevina.com.xsph.ru/wp-content/uploads/2019/05/custom_icon0.png
141.8.197.42 200 OK 3.5 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/05/custom_icon0.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 116a19a5573e9111aa7248f5893f4d92
5fad3f0fe08dc3bdf1bb1cfd0929ec99ff7f40c0
b02c691aec522cd00756859214a8bc9aa81ab8e6bf101872a5a75393a113e9e5
GET /wp-content/uploads/2019/05/custom_icon0.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/uploads/2019/05/logo_500x200.png
141.8.197.42 200 OK 75 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/05/logo_500x200.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 500 x 200, 8-bit/color RGB, non-interlaced\012- data
Hash 1b8bd727a6369b3436ecddcf2a8e57f7
c420a32737205deae9bebad1c01327b7b733d4b7
01bc4a31c495a084448fac827a29daaa6cc5457de2081f527b576163b688bff0
GET /wp-content/uploads/2019/05/logo_500x200.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_instagram.png
141.8.197.42 200 OK 1.1 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_instagram.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash bbc966a7bd88fa2604468d14f5f222eb
4c8e83164de65c511ff26a57e9ccfb0344b725de
7b4a144d970109d0e3127dd6f1cc0c146343de869870768f05398c9973301789
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_instagram.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/js/min/envira-min.js?ver=1.8.4.6
141.8.197.42 200 OK 119 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/envira-gallery-lite/assets/js/min/envira-min.js?ver=1.8.4.6
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type ASCII text, with very long lines (65536), with no line terminators
Size 119 kB (119185 bytes)
Hash 407f3a3f06bf24f4a0ad33b78532c7ce
0b2a63b58d5a7d2ede990e683a9e65f8c48831fe
ddc8a9d88c0de92cedab583a3558a8db4b7e7ed36b6753388b120b28e954dd8b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/envira-gallery-lite/assets/js/min/envira-min.js?ver=1.8.4.6 HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_facebook.png
141.8.197.42 200 OK 375 B URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_facebook.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 1bfd6f4ef8043e4898c3092c707334b3
711ad6624b4121aba707897edc6317fc39753262
31fe30e25330874ce416a149d0419c6447d2f78c0ce9eee0bdea01f59a5ba8e7
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_facebook.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_linkedin.png
141.8.197.42 200 OK 582 B URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_linkedin.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ec346722bc5c3f8d13a42a09f32307c
a4e64e1cce71db21312ae82fd9a6823dfbbcdaab
7de6ea8cc2dcf7691045a8f2fdd6a5fc9cb51ff0e7baf2af3179e8456578616c
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/flat/flat_linkedin.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 84afda90a25c7d2ae53c875e18da8d6b
618654c8fbea36d4d53203efa2aab2fce3942445
b272a30e8ee9333104dda2026eb787fade1f3361a58dc487bfeec6695c128232
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 8614115bf1a856bfc8ecc8080389d7dc
ETag: "24ac68294a07ea4892683d28a27a730a"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Sat, 12 Nov 2022 20:50:16 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: hK/akKJcfSrlPIdeGNqNaw==
X-FB-Debug: OHQtcOgQmbcoxyXWi8jD51ihOVDXwkQ9NjPkxsaT9PNIQ71ZPCehN8jH+XAsq5eIgPXfn2BJUbCRsfBqJU1kUg==
X-FB-TRIP-ID: 1904183273
Date: Sat, 12 Nov 2022 20:44:31 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1686
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 12 Nov 2022 20:41:09 GMT
expires: Sat, 12 Nov 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 202
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
margaritalevina.com.xsph.ru/wp-content/uploads/2019/06/cropped-logo_icon_512x512-2-1-192x192.png
141.8.197.42 200 OK 27 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/06/cropped-logo_icon_512x512-2-1-192x192.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a8175fd064d7e10e9c437f5d149e1106
a042e8af170ba326f4765c6c8b5f3b06d5a1e429
f410a39958839090b7cbacaf6bb465c199d77292fbfdc578e2021896ca000ccf
GET /wp-content/uploads/2019/06/cropped-logo_icon_512x512-2-1-192x192.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/uploads/2019/06/cropped-logo_icon_512x512-2-1-32x32.png
141.8.197.42 200 OK 1.6 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/06/cropped-logo_icon_512x512-2-1-32x32.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9077df24914760360fede9c087dfbaf7
1029ccd1fe0f5c717ac7a0376e0b7e8e43adc558
b3daf016553cfbc23664a63c723f86804c2c113a0718fa46a2b17ca947f3171a
GET /wp-content/uploads/2019/06/cropped-logo_icon_512x512-2-1-32x32.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 125323db3ff29b80f81fae08e2d58df6
5a407fed4d6d43f2a4ccc6d5168f147d7f2af4a2
6e100312be7aa9f36164adeb96b6cead8685c4c0a1d950334128f598b17a945b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3901
Cache-Control: max-age=131591
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Etag: "636f5579-1d7"
Expires: Mon, 14 Nov 2022 09:17:42 GMT
Last-Modified: Sat, 12 Nov 2022 08:12:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=2dc14b3a48da4314885baf9fefa1f7b6
31.13.72.12 200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=2dc14b3a48da4314885baf9fefa1f7b6
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash 51528ce65ea11958362bf17ca5751d79
d1d7b11f4052f300f1424353e6e473f26f0abd01
01b017230dfad95460df6b4626d738487864d18fdd47a00debcffbf0188f4cf0
GET /en_US/sdk.js?hash=2dc14b3a48da4314885baf9fefa1f7b6 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://margaritalevina.com.xsph.ru
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 2e10f8c4b45fa055af240670c6bfd8d1
etag: "d585d58bd4e44de18fbf7e8b961eccba"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 12 Nov 2023 20:11:22 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: UVKM5l6hGVg2K/F8pXUdeQ==
x-fb-debug: aw0uFlEWVD5xtXeGMvNHZ2lXDW3hhQW9HyoF+QSlOtu/DNRh9TesaocMjrznsuM1dX/ZQOWi9hENJ2RB8pGAqw==
priority: u=3,i
content-length: 88353
x-fb-trip-id: 2074150462
date: Sat, 12 Nov 2022 20:44:31 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 125323db3ff29b80f81fae08e2d58df6
5a407fed4d6d43f2a4ccc6d5168f147d7f2af4a2
6e100312be7aa9f36164adeb96b6cead8685c4c0a1d950334128f598b17a945b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3901
Cache-Control: max-age=131591
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 20:44:31 GMT
Etag: "636f5579-1d7"
Expires: Mon, 14 Nov 2022 09:17:42 GMT
Last-Modified: Sat, 12 Nov 2022 08:12:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.15.44 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.15.44:0
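Hash d41d8cd98f00b204e9800998ecf8427e (MD5, SHA-1 and SHA-256 of the zero-length body of this 0 B response; they match any empty payload and do not identify this host or its content)
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855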
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CuC63WI2Ej+gfElw30RRbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QftkMY3rGE6JthxUDvaz6ADWP6s=
margaritalevina.com.xsph.ru/wp-content/uploads/2019/10/house-elf-november-1200x1200.jpg
141.8.197.42 200 OK 504 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/10/house-elf-november-1200x1200.jpg
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x1200, components 3\012- data
Size 504 kB (504032 bytes)
Hash ec74c7c3795092ad32774fe94d93dc02
9b6e348e4a2accc77f9685eae7754a81d8aff5e4
a55cef53c87697f1061e809d0233c0482766ad7816c975f662d5f3cecd3b4db3
GET /wp-content/uploads/2019/10/house-elf-november-1200x1200.jpg HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/uploads/2019/12/children-illustration-sleep-fox-margaritalevina-1200x1202.png
141.8.197.42 200 OK 1.7 MB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/12/children-illustration-sleep-fox-margaritalevina-1200x1202.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 1200 x 1202, 8-bit/color RGBA, non-interlaced\012- data
Size 1.7 MB (1679888 bytes)
Hash 9b1f14760f72d8d72edf260e71aef3bc
187e55d4b765c22dbe5d05a895e76fb7cb123524
db9dc3a4b38b959bbf225a5fccc7e87d15790e44a2605933b4b86b0e2d3e884e
GET /wp-content/uploads/2019/12/children-illustration-sleep-fox-margaritalevina-1200x1202.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/uploads/2019/05/poppins_cover3.jpg
141.8.197.42 200 OK 1.9 MB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/05/poppins_cover3.jpg
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 987x1500, components 3\012- data
Size 1.9 MB (1942837 bytes)
Hash 2bd1b174400a8f258672b4e8ceeaceab
7b6cd8bc77d093abf960cddaafa19840f126a0de
179916f08c5d7523d59734ae74ebf246544885f659d48c379d344bb6dad667ce
GET /wp-content/uploads/2019/05/poppins_cover3.jpg HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/uploads/2019/10/house-elf-october-1200x1200.jpg
141.8.197.42 200 OK 637 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/10/house-elf-october-1200x1200.jpg
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x1200, components 3\012- data
Size 637 kB (637195 bytes)
Hash 8e11f9510893ea663b4eef66b9e383f7
e5015bd282eea43ee4af0eb73f0668e01caaaf12
d1e19af2759cbc42ebb07d0251f92c9505dd04e61e0c32e9d187e6864f805c69
GET /wp-content/uploads/2019/10/house-elf-october-1200x1200.jpg HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7949
Expires: Sat, 12 Nov 2022 22:57:01 GMT
Date: Sat, 12 Nov 2022 20:44:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7949
Expires: Sat, 12 Nov 2022 22:57:01 GMT
Date: Sat, 12 Nov 2022 20:44:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2y97S3ITb7MLXuIIAQfCCKjgvOXisdCT5mod7OD588LOhPCy_OrUXQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:02:21 GMT
age: 81731
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7949
Expires: Sat, 12 Nov 2022 22:57:01 GMT
Date: Sat, 12 Nov 2022 20:44:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94a390953f36bf9902cb9f04007c36c1
13535f16f207d4c19c1b6019757f6739a4531eeb
37d73300955a979e5b9d3dabc6e924c4e9734c6c63d92c42c709f8cb0d5aeabb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5902
x-amzn-requestid: 9c8be25c-9c96-4861-89c8-8b7bf06ffc16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNBrH2DoAMFqbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec20a-6c770a86581d1f7f4599684f;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: T6_3oJ8lEFeYF3wFDvIVfSRZbILHdbpDuAd50fwkzcYji2yVLUQkmQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:44:57 GMT
age: 82775
etag: "13535f16f207d4c19c1b6019757f6739a4531eeb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7wqdiuomEgaQlE1P5gopDGXbAkmh3ohPXYDcBWczuYFEcj8nczk9_w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:52:57 GMT
age: 82295
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eac2ed4bece6282c8273a58a88371e2e
2d90ff66079e8ffbaaa367a6bfc08927e7cc424d
aea97fd7d90302edcb3e0c08507d682e02166e8ddd4d082fc4f5435af438594c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8633
x-amzn-requestid: 8bdfbfbb-5193-4c62-ba1b-c906f7548676
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEC1oAMF8tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-39b4c2954dbc8e4c40a2c9d8;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lxrfhO5oOGvECIrlZYKsfXOTZZksAIIHAafyRM-FdRXAaBVZs5cEQA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:04:43 GMT
age: 81589
etag: "2d90ff66079e8ffbaaa367a6bfc08927e7cc424d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38e32fc94c445ff47da5d2907e61e3a4
c76588ccaf97fdfd6e73833083200cb49a01a4af
e4e3947b2248206c9dacfd35ff5619ca3b3ae56a7bcd565d40ed048839ffa075
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5478
x-amzn-requestid: c06e47c6-da2a-4a70-af2a-c1268557b913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM67FEEIAMF-pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-0628d00244323ddf727e0b80;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zeJU6wVmWDIbVDBlTYvTh8e78isxbmNC0GKWdKqdI5abbdERoyzpA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:23:30 GMT
age: 80462
etag: "c76588ccaf97fdfd6e73833083200cb49a01a4af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FWEdPT057SMVCBc7ZYbPnfW1z5mB7iubIXzrj3HlctKtwRx2PuncSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 08:39:57 GMT
age: 43475
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
margaritalevina.com.xsph.ru/wp-content/uploads/2019/12/christmas-illustration-cat-margaritalevina-1200x1200.png
141.8.197.42 200 OK 3.6 MB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/12/christmas-illustration-cat-margaritalevina-1200x1200.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size 3.6 MB (3577043 bytes)
Hash f4e80fb7205666e4875b8365304a7bfb
6c163591b4d7abc032ade59f02049b53f7f8154b
1faa00b30267c3504977d861a4bc65d43bed66daecbee47e42c862b642e9fc5b
GET /wp-content/uploads/2019/12/christmas-illustration-cat-margaritalevina-1200x1200.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/uploads/2019/09/Clock_dragon-1200x1200.png
141.8.197.42 200 OK 1.8 MB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/09/Clock_dragon-1200x1200.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size 1.8 MB (1802192 bytes)
Hash b519827e2db139ea9b22521db9788afa
63abe9f4297c3c8e7fc702e783fb1e5fb26e03e1
6e3a8513ee4b44046170c615c8776659842be3964145a9dae3d5b4acd56e2dd7
GET /wp-content/uploads/2019/09/Clock_dragon-1200x1200.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:32 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:32 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/uploads/2019/09/Arm_chair_dragon-1200x1200.png
141.8.197.42 200 OK 2.1 MB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/09/Arm_chair_dragon-1200x1200.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size 2.1 MB (2110610 bytes)
Hash 5ae435b271748420be4b8711f568297b
1f4d0fa620c8136039fb8a7ac1092f9e8f9e514d
356c1bfb40d3ff7eb529c6d10e3f3c1384dbd61d2d53fb7e9cf306e55c2e2f79
GET /wp-content/uploads/2019/09/Arm_chair_dragon-1200x1200.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:32 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:32 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/uploads/2019/05/Apple_Pie_full-1200x1697.png
141.8.197.42 200 OK 4.2 MB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/05/Apple_Pie_full-1200x1697.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 1200 x 1697, 8-bit/color RGB, non-interlaced\012- data
Size 4.2 MB (4175684 bytes)
Hash 8112e97074892fb524ba0dbdbc344ff4
2bb49c0dde0072e5e18eb6829978b01758dc6522
5a87fad4dc0a5fe2ae1f56096836706533593428afe0317bd1668649fd5c3167
GET /wp-content/uploads/2019/05/Apple_Pie_full-1200x1697.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:31 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/uploads/2019/09/autumn_margaritalevina-1200x1200.png
141.8.197.42 200 OK 3.6 MB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/uploads/2019/09/autumn_margaritalevina-1200x1200.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size 3.6 MB (3645425 bytes)
Hash 0f199cb468f1622c9019addfc4b2a919
05fb4b5d5460d9be388abc47dcab2513704eb78e
32e69476176f6ed8507816fae158bdb748a5e55deb34b6f9416df95b7cf89acb
GET /wp-content/uploads/2019/09/autumn_margaritalevina-1200x1200.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:32 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:32 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
margaritalevina.com.xsph.ru/wp-content/plugins/jquery-pin-it-button-for-images/css/images/pinit-button.png
141.8.197.42 200 OK 6.0 kB URL HTTP/1.1 margaritalevina.com.xsph.ru/wp-content/plugins/jquery-pin-it-button-for-images/css/images/pinit-button.png
IP 141.8.197.42:0
ASN #35278 Sprinthost.ru LLC
File type PNG image data, 65 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash c92a7e05191047f975ce74dbb7641843
c08edfe6206ae6f1df92390622a749b7fef6fbbf
950cee92e1e747f85f0829fe0f8677906cf354634e6c4f333813612a17c55c3b
GET /wp-content/plugins/jquery-pin-it-button-for-images/css/images/pinit-button.png HTTP/1.1
Host: margaritalevina.com.xsph.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
Cookie: _ga=GA1.2.705080959.1668285871; _gid=GA1.2.492707535.1668285871; _gat_gtag_UA_67868663_1=1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 12 Nov 2022 20:44:34 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:44:34 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43e4308988c320212eab6fb4d27c215e
2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd
56efcb5d90ed224301384c850ec2f11317c2426fdc8ed6f88a211bbb75e6871e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12578
x-amzn-requestid: 60fda47c-9518-4ab3-8f94-4e925f0b6773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8iHeHoAMFQFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e9-62597e7b5c0f3b6b1e53bcce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FSquX2GRcCI4_Onwfi5qm_oBKl5EvL1RZJO84zJgyoEr7tPVTMy9dQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:01:48 GMT
age: 81771
etag: "2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Pontano+Sans&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Pontano+Sans&display=swap
IP 142.250.74.10:0
GET /css?family=Pontano+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://margaritalevina.com.xsph.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 20:44:31 GMT
date: Sat, 12 Nov 2022 20:44:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2