r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16667
Expires: Thu, 09 Feb 2023 03:05:50 GMT
Date: Wed, 08 Feb 2023 22:28:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5590
Expires: Thu, 09 Feb 2023 00:01:13 GMT
Date: Wed, 08 Feb 2023 22:28:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 21:34:13 GMT
content-type: application/json
age: 3230
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7299
Expires: Thu, 09 Feb 2023 00:29:42 GMT
Date: Wed, 08 Feb 2023 22:28:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yHirCzDNevTsxCw9MuBSCqG0p9uqtF0TwywwakYqsOpkpXgTZqa8ktmkmgDFuEq4mNLfXZBV5rY=
x-amz-request-id: 2KDPBNEGR57EJ1TJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 21:46:07 GMT
age: 2516
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:28:03 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 21:51:20 GMT
age: 2203
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3108
Expires: Wed, 08 Feb 2023 23:19:52 GMT
Date: Wed, 08 Feb 2023 22:28:04 GMT
Connection: keep-alive
push.services.mozilla.com/
44.238.9.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.9.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PHVb1J1fQmI2S2N1zKQ9rA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gKB720Z5uP4wV3w4I2cDitcmU8Q=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5520
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 22:28:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5520
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 22:28:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5520
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 22:28:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5520
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 22:28:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 06:25:01 GMT
age: 57784
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KUNhk8O0jpb6OyjCo5RGruuV5633xiM-PBeb6c0BaJI8uFQ7Aflj2g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:53:58 GMT
age: 2047
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 14:35:48 GMT
age: 28337
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed10868ea9554510e43f77dfb8c43877
df0d86c2c53bdec7b8935912e42dc7f82f87aa61
751e95e7dd20802cc4e0b6f208bf5559b0b73efd3ca22a9abafd86cf83ab6420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12401
x-amzn-requestid: 7bfa8a84-c348-4f55-8e8e-befcdd24f026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjPG-eIAMFccA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47a-06eedb3c7396825f77360755;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lXTMw2s8GxQtwjucvNYZeHL-i8ECHbdGThUV5_vn2mKEhArswcO3VA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:43:09 GMT
age: 2696
etag: "df0d86c2c53bdec7b8935912e42dc7f82f87aa61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iIQAy6CQSvnvQ79UJ6ifJbs-0kEqUYe8OyCqPb2HSKxoDoLykOyaLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:43:28 GMT
age: 2677
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:19:19 GMT
age: 526
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
krym-stroy.ru/
80.87.203.86 301 Moved Permanently 0 B IP 80.87.203.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/7.4.29
X-Redirect-By: WordPress
Location: https://krym-stroy.ru/
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2fe367fb35b70f9771b2c149c899a777
397c429cc866f6d873f99b3c32dcc411717d0ea4
de64faa8cd8286066228c3fbcee5b83052413ea280d6358c2f8c612460e7f078
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE64FAA8CD8286066228C3FBCEE5B83052413EA280D6358C2F8C612460E7F078"
Last-Modified: Wed, 08 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Feb 2023 04:28:06 GMT
Date: Wed, 08 Feb 2023 22:28:06 GMT
Connection: keep-alive
krym-stroy.ru/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.5
80.87.203.86 200 OK 14 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.5
IP 80.87.203.86:0
File type ASCII text, with very long lines (13766)
Hash 361ba7e2f9df7d03a6a8deee7c9cac4a
57f0f4df630f6e65f80cb73228de5c2411be8a6d
4e8e7cd4193c77cb73c879d8435af78b3fc7614181f1e7d3760641b7778b7400
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.5 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:08 GMT
Content-Type: text/css
Content-Length: 13805
Last-Modified: Sun, 15 May 2022 13:12:34 GMT
Connection: keep-alive
ETag: "6280fc42-35ed"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:28:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
krym-stroy.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.0
80.87.203.86 200 OK 19 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:08 GMT
Content-Type: application/javascript
Content-Length: 18617
Last-Modified: Mon, 30 May 2022 07:34:33 GMT
Connection: keep-alive
ETag: "62947389-48b9"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/themes/konstruktic/assets/css/opal-boostrap.css?ver=6.0
80.87.203.86 200 OK 114 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/css/opal-boostrap.css?ver=6.0
IP 80.87.203.86:0
Size 114 kB (114126 bytes)
Hash 795681e9b1c3be83b297c443d4cf8c55
a33ef745ea95017648966add04ac07847655ee33
a2f5cfd72b984ff7f1955e8f82648763a3abd809e29f257a516f6304bae8e748
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/konstruktic/assets/css/opal-boostrap.css?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:08 GMT
Content-Type: text/css
Content-Length: 114126
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
Connection: keep-alive
ETag: "6280fc15-1bdce"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/elementor/css/post-30.css?ver=1653897131
80.87.203.86 200 OK 19 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/elementor/css/post-30.css?ver=1653897131
IP 80.87.203.86:0
File type ASCII text, with very long lines (8726)
Hash 5c7c0f8b00df82f4d9a99a6122cce810
7b35cc0f64a5722e550bf9546d677ba51a87f03a
d9e297b6d2a9dc93296c239ea370a7940687754431a51f1dee2591d82424d366
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-30.css?ver=1653897131 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 18631
Last-Modified: Mon, 30 May 2022 07:52:11 GMT
Connection: keep-alive
ETag: "629477ab-48c7"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/css/magnific-popup.css?ver=6.0
80.87.203.86 200 OK 7.1 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/css/magnific-popup.css?ver=6.0
IP 80.87.203.86:0
Hash 03fb256e4dfc134f073e25036ddd5787
dafdecbb8e6206c3559879ac8ad9bea0c52c644e
2463e8404015cc56097236a43021f8b10bf52a2fab8ef0087d95002f78350358
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/css/magnific-popup.css?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 7054
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-1b8e"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/themes/konstruktic/style.css?ver=6.0
80.87.203.86 200 OK 118 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/style.css?ver=6.0
IP 80.87.203.86:0
File type Unicode text, UTF-8 text, with very long lines (385)
Size 118 kB (118125 bytes)
Hash f3ab2a58ce700bada57f208164e6b1a3
c30fed978afa43f440663a86beaed89841d40357
833377eb0c924cf28a535a136170efb386748f1daed7ef2eba6944a10293744a
GET /wp-content/themes/konstruktic/style.css?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:08 GMT
Content-Type: text/css
Content-Length: 118125
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
Connection: keep-alive
ETag: "6280fc15-1cd6d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:28:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/css/jquery.scrollbar.css?ver=2.0.0
80.87.203.86 200 OK 3.2 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/css/jquery.scrollbar.css?ver=2.0.0
IP 80.87.203.86:0
Hash 32f5914eac39cecc201bf085bacbdb04
778e28ad3a4679b1561b2eff55887c3c871d5e2b
fd1a095d1c03b34f54a7f4b5c5610717198dbe8411b51fc15fd1f3fc8385751f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/css/jquery.scrollbar.css?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 3229
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-c9d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/css/elementor/style.css?ver=2.0.0
80.87.203.86 200 OK 163 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/css/elementor/style.css?ver=2.0.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (1779)
Size 163 kB (162844 bytes)
Hash 03afe471627bb42ba8fad344e1bca110
1d8e746fd6cd3ec9e0efe93034d4e568c7384355
e5e9b0df82e3469909004bc30935804ffd9235d68af14c9111bf35d8db31c78b
GET /wp-content/plugins/konstruktic-core/assets/css/elementor/style.css?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:08 GMT
Content-Type: text/css
Content-Length: 162844
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-27c1c"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
80.87.203.86 200 OK 2.7 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 80.87.203.86:0
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 2731
Last-Modified: Sun, 15 May 2022 13:12:51 GMT
Connection: keep-alive
ETag: "6280fc53-aab"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/css/tooltipster.bundle.min.css?ver=2.0.0
80.87.203.86 200 OK 6.8 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/css/tooltipster.bundle.min.css?ver=2.0.0
IP 80.87.203.86:0
Hash e2bb7792e6575d5cc28c7b85f4e9798f
e4ea51b9bd17ece50a4601125ed7ea10eca4b354
b50550ca345cf1934954f31b86267ed97fd7ac4a239bb849dd099129ae92d3f4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/css/tooltipster.bundle.min.css?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 6841
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-1ab9"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/elementor/css/post-6.css?ver=1653897131
80.87.203.86 200 OK 1.1 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/elementor/css/post-6.css?ver=1653897131
IP 80.87.203.86:0
File type ASCII text, with very long lines (1110), with no line terminators
Hash 68856520498b5e4f47f7b8cf16c79b48
d6b85bbd864e17b8ec57a8ee463cbef8f94ea080
42e9a32f58d97987bb1f7a194b9f6ea476e6d1803d254285e07c990316e29833
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-6.css?ver=1653897131 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 1110
Last-Modified: Mon, 30 May 2022 07:52:11 GMT
Connection: keep-alive
ETag: "629477ab-456"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
80.87.203.86 200 OK 19 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (19082)
Hash 50be31853049e4b4a10c277d5f95eb75
ac2dffc0c65ad6b209fedf2169d0c50eb4119a3e
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 19128
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-4ab8"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.5
80.87.203.86 200 OK 163 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.5
IP 80.87.203.86:0
File type ASCII text, with very long lines (65497)
Size 163 kB (163326 bytes)
Hash 441e2dceb8275e4e4a7ae0a01af3b2c6
4f2527a01a3fa4bf6a1bf473c66bbebd05c131bd
888937b853414182608e6ed76b574497748b1954de47389bf4b2018f90b9d324
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.5 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:08 GMT
Content-Type: text/css
Content-Length: 163326
Last-Modified: Sun, 15 May 2022 13:12:34 GMT
Connection: keep-alive
ETag: "6280fc42-27dfe"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/elementor/css/global.css?ver=1653897131
80.87.203.86 200 OK 15 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/elementor/css/global.css?ver=1653897131
IP 80.87.203.86:0
File type ASCII text, with very long lines (4688)
Hash 633afc70e84cdc1203591c06b64a3e75
d733d6b64f9a2f5a4c52227d1aff84eeb5335d85
1ee32a26ecbc4ce7434866f5aadf67c30b89bcac8d9a6cf64e44d1692dd07e83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/global.css?ver=1653897131 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 15384
Last-Modified: Mon, 30 May 2022 07:52:11 GMT
Connection: keep-alive
ETag: "629477ab-3c18"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/elementor/css/post-102.css?ver=1653897131
80.87.203.86 200 OK 11 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/elementor/css/post-102.css?ver=1653897131
IP 80.87.203.86:0
File type ASCII text, with very long lines (11061), with no line terminators
Hash d8a2199613a8196dabea8f96d96a3016
52a79deb7c943b8354a8ae203c6ca7687e7db9e2
703347bac1f0b96ebaebb15b80938a45ad57488e9e2b6140166e75d8faa4c087
GET /wp-content/uploads/elementor/css/post-102.css?ver=1653897131 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 11061
Last-Modified: Mon, 30 May 2022 07:52:11 GMT
Connection: keep-alive
ETag: "629477ab-2b35"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/themes/konstruktic/assets/css/carousel.css?ver=6.0
80.87.203.86 200 OK 6.7 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/css/carousel.css?ver=6.0
IP 80.87.203.86:0
Hash dd9584c053ff8a58625efe5a0ecbd7b2
a643139819820e280ec5d2e9d3617048650815ff
d979bbb7061d45171ee0ce02a6ede8a723e91b853578eb95525c95bda345b822
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/konstruktic/assets/css/carousel.css?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 6670
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
Connection: keep-alive
ETag: "6280fc15-1a0e"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
80.87.203.86 200 OK 675 B URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 80.87.203.86:0
File type ASCII text, with very long lines (489)
Hash 144e43c3b3d8ea5b278c062c202c92f2
3c037057a419245849747b4762d09d88cab66fc1
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 675
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-2a3"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
80.87.203.86 200 OK 58 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 80.87.203.86:0
File type ASCII text, with very long lines (57726)
Hash eeb705d0bdccfd645d3bbd46dd1fbab3
066def290f42ed8c00860e573cc880bd46e9ced4
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 57912
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-e238"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
80.87.203.86 200 OK 11 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 80.87.203.86:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: application/javascript
Content-Length: 11224
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Connection: keep-alive
ETag: "5fb4e3fe-2bd8"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/modernizr.custom.js?ver=2.0.0
80.87.203.86 200 OK 9.0 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/modernizr.custom.js?ver=2.0.0
IP 80.87.203.86:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (8820)
Hash 7a9ad736fcbd8d99ac7cb282e48f492d
bc9582612f11bf96bc56f75347cf54138339778a
8bf0280a5588514ef4978f8099d859364ba6d44dcfb9ee8c59d90486e3ec1267
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/js/libs/modernizr.custom.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: application/javascript
Content-Length: 9003
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-232b"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/themes/konstruktic/assets/css/opal-icons.css?ver=6.0
80.87.203.86 200 OK 40 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/css/opal-icons.css?ver=6.0
IP 80.87.203.86:0
File type troff or preprocessor input, Unicode text, UTF-8 text
Hash 9814d217934fd78695069b23d5fb2d38
6b4b7be346fde00036bc00caa4212ffcca9825f4
d8b0302deb65e7c88a7939c771de1223c37466c0c36d7d7018aaacfcf70cb584
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/konstruktic/assets/css/opal-icons.css?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 40154
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
Connection: keep-alive
ETag: "6280fc15-9cda"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/main.js?ver=2.0.0
80.87.203.86 200 OK 1.4 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/main.js?ver=2.0.0
IP 80.87.203.86:0
File type HTML document, ASCII text, with very long lines (1402)
Hash 8ccece328abfa979e8293cd465f26260
016f0f41dc271f6c2e76868655b45cf7148a7b68
2116119f02eb56889d76cfa108047804ea24501218ec431f097160446b8a7822
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/js/main.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: application/javascript
Content-Length: 1436
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-59c"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/carousel.js?ver=6.0
80.87.203.86 200 OK 4.4 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/carousel.js?ver=6.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (4375)
Hash 7950b78be956eabcb0420c8832cc33bf
14ac6ba5b8a96c8ca7e7b4bec37b90d9997476d0
9cbbcbb1f4d510721683b8ecfbecdf20af2a397cbecd76cbeebb09e48a4e9ff3
GET /wp-content/plugins/konstruktic-core/assets/js/carousel.js?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: application/javascript
Content-Length: 4413
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-113d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/elementor/css/post-1028.css?ver=1658717644
80.87.203.86 200 OK 28 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/elementor/css/post-1028.css?ver=1658717644
IP 80.87.203.86:0
File type ASCII text, with very long lines (27845), with no line terminators
Hash 36134f7a3a8caca9f17bff16377e67ee
17e6556d2b15b3865cb60df9ef744366d002623c
ca3c12a46e911b34f8fc17629404c15c22b2affcdd0a698a11bf6da4907ddac3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-1028.css?ver=1658717644 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 27845
Last-Modified: Mon, 25 Jul 2022 02:54:04 GMT
Connection: keep-alive
ETag: "62de05cc-6cc5"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.0
80.87.203.86 200 OK 89 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (43771)
Hash d534fc4463d84fecc2a0b4e847bec46e
a553b04e1476190984e01192467df79f9645ab70
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: text/css
Content-Length: 88870
Last-Modified: Mon, 30 May 2022 07:34:33 GMT
Connection: keep-alive
ETag: "62947389-15b26"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/themes/konstruktic/assets/js/libs/owl.carousel.js?ver=2.2.1
80.87.203.86 200 OK 104 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/js/libs/owl.carousel.js?ver=2.2.1
IP 80.87.203.86:0
Size 104 kB (103727 bytes)
Hash 5931613d57f6ac2f00829eefd39a8b15
66304d3e2e5ae465ea3df42d582dd1ebcdf5aa6a
6e60e269abacf471d9157534945925d27747a831d86b5e55b0efc0bcfb152799
GET /wp-content/themes/konstruktic/assets/js/libs/owl.carousel.js?ver=2.2.1 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: application/javascript
Content-Length: 103727
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
Connection: keep-alive
ETag: "6280fc15-1952f"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
80.87.203.86 200 OK 90 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:09 GMT
Content-Type: application/javascript
Content-Length: 89521
Last-Modified: Wed, 10 Mar 2021 15:07:24 GMT
Connection: keep-alive
ETag: "6048e0ac-15db1"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://krym-stroy.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 07:08:09 GMT
expires: Sat, 03 Feb 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 487201
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
216.58.207.227 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21276, version 1.0\012- data
Hash 59c9b83cc112cf7eeb3bf7a5e96b21fe
771790b776b5e1bc3039c337024e400974184208
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://krym-stroy.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 16:07:46 GMT
expires: Tue, 06 Feb 2024 16:07:46 GMT
cache-control: public, max-age=31536000
age: 195624
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
216.58.207.227 200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://krym-stroy.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 10:20:24 GMT
expires: Sun, 04 Feb 2024 10:20:24 GMT
cache-control: public, max-age=31536000
age: 389266
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
krym-stroy.ru/
80.87.203.86 200 OK 196 kB IP 80.87.203.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (52811)
Size 196 kB (195777 bytes)
Hash 8a87e5c064e525a0fc06dfd2cca41488
26ca7287264eff722f0bd872d770565f53415383
eed7cb460b8c941448a6967de8d88702c5cca8d78bf4bd180f7b4e327a5cef7b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.29
Link: <https://krym-stroy.ru/wp-json/>; rel="https://api.w.org/", <https://krym-stroy.ru/wp-json/wp/v2/pages/1028>; rel="alternate"; type="application/json", <https://krym-stroy.ru/>; rel=shortlink
Strict-Transport-Security: max-age=31536000;
krym-stroy.ru/wp-content/themes/konstruktic/assets/fonts/GilmerBold.woff
80.87.203.86 200 OK 32 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/fonts/GilmerBold.woff
IP 80.87.203.86:0
File type Web Open Font Format, TrueType, length 32324, version 0.0\012- data
Hash ace9521157a623762d3ccd82c0c766eb
09705c55e5562574a3cade4fb951483ef14e552f
1fe185b0a0aaa037adaaf1cfa42f13599690335cbc21102d3768c823ff624e8a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/konstruktic/assets/fonts/GilmerBold.woff HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krym-stroy.ru/wp-content/themes/konstruktic/style.css?ver=6.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/font-woff
Content-Length: 32324
Connection: keep-alive
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
ETag: "7e44-5df0ca6776f40"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
krym-stroy.ru/wp-content/themes/konstruktic/assets/fonts/opal-icon.woff2
80.87.203.86 200 OK 14 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/fonts/opal-icon.woff2
IP 80.87.203.86:0
File type Web Open Font Format (Version 2), TrueType, length 14352, version 1.0\012- data
Hash 34678ee58dba1bb1421bb4bace8dbc2b
c8676bd54c14091bab7925d400ba76e7a23f4306
685377116aef147d22d2da071011be3ccf1f41b78f1db579869307fd0895d64f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/konstruktic/assets/fonts/opal-icon.woff2 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krym-stroy.ru/wp-content/themes/konstruktic/assets/css/opal-icons.css?ver=6.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Length: 14352
Connection: keep-alive
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
ETag: "3810-5df0ca6776f40"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-brickwall-3108885-1.png
80.87.203.86 200 OK 6.0 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-brickwall-3108885-1.png
IP 80.87.203.86:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash d1c4c49cc934464c8876ea1b788cd45a
992c2a15526f010a41c095341204efcb2487163f
25da8d56b521b76a80b88e11a31abb11498a1126289ebeaf745722933a9b4b5d
GET /wp-content/uploads/2022/05/premium-icon-brickwall-3108885-1.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 6006
Last-Modified: Wed, 18 May 2022 13:28:14 GMT
Connection: keep-alive
ETag: "6284f46e-1776"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-crane-3108905.png
80.87.203.86 200 OK 4.3 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-crane-3108905.png
IP 80.87.203.86:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f13f67a0ffa6e5a58060aecbb2168fa8
53cdee54d7c8ba8153ebd3f841fc0ebd6ed4e555
f29988bafea143cfd9f17ef5c497648c0dd472edadfa352a1759c788691038e9
GET /wp-content/uploads/2022/05/premium-icon-crane-3108905.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 4275
Last-Modified: Wed, 18 May 2022 13:31:15 GMT
Connection: keep-alive
ETag: "6284f523-10b3"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-paint-brush-3108886.png
80.87.203.86 200 OK 4.7 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-paint-brush-3108886.png
IP 80.87.203.86:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash c0a4d0d92b9880117359c6fe2b3745ba
180492c798e5db2b9c4ea318dbfea38b1fb84a64
ca884da504c6d1dcb3382b7670f95d54ff2977cf7808f0ad564e894089e37368
GET /wp-content/uploads/2022/05/premium-icon-paint-brush-3108886.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 4702
Last-Modified: Wed, 18 May 2022 13:29:07 GMT
Connection: keep-alive
ETag: "6284f4a3-125e"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-jackhammer-3108898.png
80.87.203.86 200 OK 3.1 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-jackhammer-3108898.png
IP 80.87.203.86:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b27e34e2fbc49cc4096c15f0224c2bd
06fcdd7d6eeb57561066eb15cee4b0ed7bf27758
546bd1c56e07a47b13fbea216c15899e62864c4a6469f2aee522b18c8e76aa59
GET /wp-content/uploads/2022/05/premium-icon-jackhammer-3108898.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 3122
Last-Modified: Wed, 18 May 2022 13:30:06 GMT
Connection: keep-alive
ETag: "6284f4de-c32"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-truck-3108887.png
80.87.203.86 200 OK 4.0 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-truck-3108887.png
IP 80.87.203.86:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 80255176d50965fb4f793296de74877f
6d0e02b798b50ef62788f9078949fa4045f03ec1
d3ea80d3ec2fe3aace6a75d5e44a8185e6c4a032ff3a59815c68d6138261e401
GET /wp-content/uploads/2022/05/premium-icon-truck-3108887.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 3953
Last-Modified: Wed, 18 May 2022 13:32:48 GMT
Connection: keep-alive
ETag: "6284f580-f71"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-excavator-3108877.png
80.87.203.86 200 OK 6.1 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-excavator-3108877.png
IP 80.87.203.86:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ccbbd6c3d7a942b473abb95f650eeb2e
32b7b3b4cde358c681b1c096f4cf4ed8f4da5824
5bd54f3e1d982810191f77b44ada285b8583b372871c3b1e6ca7b9444ae83937
GET /wp-content/uploads/2022/05/premium-icon-excavator-3108877.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 6064
Last-Modified: Wed, 18 May 2022 13:33:41 GMT
Connection: keep-alive
ETag: "6284f5b5-17b0"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-drilling-machine-3108878.png
80.87.203.86 200 OK 5.8 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-drilling-machine-3108878.png
IP 80.87.203.86:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 6bb21f18c16acf78034be03631d673d5
8e681cd13762a9a15da5848a691515de24fb6939
050dc7d7b43023b11b3b5fb87490a49491f17598c99b72d176a013b8acf92d57
GET /wp-content/uploads/2022/05/premium-icon-drilling-machine-3108878.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 5777
Last-Modified: Wed, 18 May 2022 13:34:43 GMT
Connection: keep-alive
ETag: "6284f5f3-1691"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-blueprint-3108901.png
80.87.203.86 200 OK 3.4 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-blueprint-3108901.png
IP 80.87.203.86:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b031084519e8623d572b864628914f8
8da89faf82702416e529f30422aed9ace5cfd879
75803682bb237573c8e09dd1d7a5b3d9e5f8de49f5b5782ecb1530ebc69e5d87
GET /wp-content/uploads/2022/05/premium-icon-blueprint-3108901.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 3436
Last-Modified: Wed, 18 May 2022 13:35:36 GMT
Connection: keep-alive
ETag: "6284f628-d6c"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-concrete-mixer-3108907.png
80.87.203.86 200 OK 6.1 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/premium-icon-concrete-mixer-3108907.png
IP 80.87.203.86:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash e808c73f682292a243cbeed051736b06
d62933cd91d2a17eb162b0533af7cd2b1fc41fa4
8aceedbbed375b85652f0dbed28cab26c5fa999148adb296047dc5631586c4a3
GET /wp-content/uploads/2022/05/premium-icon-concrete-mixer-3108907.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 6102
Last-Modified: Wed, 18 May 2022 13:36:41 GMT
Connection: keep-alive
ETag: "6284f669-17d6"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.5
80.87.203.86 200 OK 18 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.5
IP 80.87.203.86:0
File type ASCII text, with very long lines (10019)
Hash 4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.5 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: text/css
Content-Length: 18468
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-4824"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16216, version 1.0\012- data
Hash 4c5bc71b3cf6f2584725c0bb3e25d391
f051f482061dc48d09c328c45459dd04db5b5547
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
GET /s/hind/v16/5aU69_a8oxmIdGl4BA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://krym-stroy.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 18:45:07 GMT
expires: Tue, 06 Feb 2024 18:45:07 GMT
cache-control: public, max-age=31536000
age: 186183
last-modified: Tue, 26 Apr 2022 15:45:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw9aXpsog.woff2
216.58.207.227 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw9aXpsog.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8012, version 1.0\012- data
Hash bc1039c3bfaae932e40a9b5bfeb85048
5d60d7c9a1d38bba80f18827a2b63d4099297143
7849168d695f8cba6b3393af9042a293e57e99b31239883ac597c0c20166c966
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw9aXpsog.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://krym-stroy.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8012
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:07:25 GMT
expires: Sat, 03 Feb 2024 02:07:25 GMT
cache-control: public, max-age=31536000
age: 505245
last-modified: Mon, 11 Jul 2022 19:01:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/mlpushmenu.js?ver=2.0.0
80.87.203.86 200 OK 10 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/mlpushmenu.js?ver=2.0.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (2051)
Hash b892a6df5eefbcd5b4372c6dc359c54c
9a64d526809a9bd8d23198f8a971934f18499b67
0393c75f3cfc89d714d568ea8ac8ad01b7e07e02edcb5369de969f3b438d71ae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/js/libs/mlpushmenu.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 10313
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-2849"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/classie.js?ver=2.0.0
80.87.203.86 200 OK 1.8 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/classie.js?ver=2.0.0
IP 80.87.203.86:0
Hash a9df1cfb76ce492afd9d13f3320272fd
782b9564f015a2ec7bdf9c89e238fab9b44bd587
717ad22aa426d024f6c9942949b49d9a20f4239b94dfee34f94c96d8778f2144
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/js/libs/classie.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 1835
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-72b"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/jquery-parallax.js?ver=2.0.0
80.87.203.86 200 OK 325 B URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/jquery-parallax.js?ver=2.0.0
IP 80.87.203.86:0
Hash e30b3975410a59bcb9839cc8346ce520
6328748dcee8f4a0993a2742a8a5db4f4e3d870f
585145500968af7ae86cd7615c6722f20df882908c98b558a533f8ed72b59a14
GET /wp-content/plugins/konstruktic-core/assets/js/libs/jquery-parallax.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 325
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-145"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2019/05/jqb2lzh-001.png
80.87.203.86 200 OK 49 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2019/05/jqb2lzh-001.png
IP 80.87.203.86:0
File type PNG image data, 1297 x 796, 8-bit/color RGBA, non-interlaced\012- data
Hash dd22101fba8d49edf16c79353aec648f
60fb7acb3db78aa15fb2caf72a87b1a6ac9e15db
d8e1a472999013368ed8e86fa31c374778c7aa1155b2b01d3d4a246ddecd8363
GET /wp-content/uploads/2019/05/jqb2lzh-001.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 49262
Last-Modified: Wed, 18 May 2022 14:46:02 GMT
Connection: keep-alive
ETag: "628506aa-c06e"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/tooltipster.bundle.min.js?ver=2.0.0
80.87.203.86 200 OK 40 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/tooltipster.bundle.min.js?ver=2.0.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (39810), with no line terminators
Hash 9f0a35f19fdb169f5f1b46cae67c14b2
45c2b2a29f140edf1196645f19bd8b1844526592
4d9fda03ae8c7cd694517372e0688f9985ac4f06dbe80cd36de5044d6a5979d6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/js/libs/tooltipster.bundle.min.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 39810
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-9b82"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/jquery.scrollbar.min.js?ver=2.0.0
80.87.203.86 200 OK 12 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/jquery.scrollbar.min.js?ver=2.0.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (11879)
Hash ab7d0adf08cbb85348bce7ef9f48ee68
900b6d3129c471a26ddbccd0d00373389b7568a1
c86f7463dc182123e1593d6a5bfaec051bfbc6cab397330fc2f2048a71fd791a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/js/libs/jquery.scrollbar.min.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 12248
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-2fd8"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
80.87.203.86 200 OK 6.5 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 80.87.203.86:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 6475
Last-Modified: Mon, 30 May 2022 07:34:33 GMT
Connection: keep-alive
ETag: "62947389-194b"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/jquery.magnific-popup.min.js?ver=6.0
80.87.203.86 200 OK 20 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/jquery.magnific-popup.min.js?ver=6.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (20087)
Hash ba6cf724c8bb1cf5b084e79ff230626e
f455c5f153f872e52265f87a644ff89fe14a6fb6
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/js/libs/jquery.magnific-popup.min.js?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 20216
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-4ef8"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
80.87.203.86 200 OK 9.7 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 80.87.203.86:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 9720
Last-Modified: Sun, 15 May 2022 13:12:51 GMT
Connection: keep-alive
ETag: "6280fc53-25f8"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.21
80.87.203.86 200 OK 58 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.21
IP 80.87.203.86:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 7d4cdc18b95171f8dadb5d4fa0de7cf2
a960abb1c3844715ec9565e3b2b73a9b1faa32b0
8527577417ba8bd5dbaaad96e47d57c5e94b9e17094ffd9c0a2b5ad56a324347
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.21 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: text/css
Content-Length: 57925
Last-Modified: Sun, 15 May 2022 13:34:32 GMT
Connection: keep-alive
ETag: "62810168-e245"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
source.wpopal.com/konstruktic/wp-content/uploads/2019/06/pattern.jpg
172.67.167.191 200 OK 28 kB URL HTTP/1.1 source.wpopal.com/konstruktic/wp-content/uploads/2019/06/pattern.jpg
IP 172.67.167.191:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3\012- data
Hash 8039c8ee64b86eef521f0c76d3979071
8d2377c945af90b9ef4f56dbdc9c447dda993f65
134c5c4f9e1e801fa300970e6a86ad20239fe8dce633e1f66ba685a4703416de
GET /konstruktic/wp-content/uploads/2019/06/pattern.jpg HTTP/1.1
Host: source.wpopal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/jpeg
Content-Length: 28192
Connection: keep-alive
Last-Modified: Thu, 15 Aug 2019 06:52:37 GMT
ETag: "6e20-5902251aaf740"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyCvvlhTYPoC%2BTTo98SXZVKkOOjF%2FLiysWB3nrEBg9NQGUANmKLhr290WAtVYdH0Zy2MWbw%2FDLB30n2f0D%2F%2B5CuPzex7m5Z1H3GDh77S0OuZn5J8BD7o%2B3qwXZh2CNLqTMZ6iw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967cbfe5ed7b52d-OSL
alt-svc: h2=":443"; ma=60
source.wpopal.com/konstruktic/wp-content/uploads/2019/05/footer_bkg_1.png
172.67.167.191 200 OK 53 kB URL HTTP/1.1 source.wpopal.com/konstruktic/wp-content/uploads/2019/05/footer_bkg_1.png
IP 172.67.167.191:0
File type PNG image data, 1115 x 640, 8-bit colormap, non-interlaced\012- data
Hash b5c526811bef0032f2f045a153817a9f
335e5090daa26f30b3c93c2240200ec25a0d2ed9
cbf1689be8ca03ecbbbe3d1777f191139fbeb745f1a1cd70486bacf98330019c
GET /konstruktic/wp-content/uploads/2019/05/footer_bkg_1.png HTTP/1.1
Host: source.wpopal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/png
Content-Length: 53254
Connection: keep-alive
Last-Modified: Thu, 15 Aug 2019 06:52:37 GMT
ETag: "d006-5902251aaf740"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHfcaQyt%2FV0dEjN99EBzoDQfPHBZ19CFIBiqOTBljaslEMIVzTzel3AFwO9SR2D6Qnp2Wo1HdhJ3mtgV8H2q5nAeHKrfkzga4ay6MFr5dSA8qJnr3QhS10DUYTQvwrERJ3Wakw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967cbfe59bc1c0a-OSL
alt-svc: h2=":443"; ma=60
source.wpopal.com/konstruktic/wp-content/uploads/2019/06/bg_h1.jpg
172.67.167.191 200 OK 356 kB URL HTTP/1.1 source.wpopal.com/konstruktic/wp-content/uploads/2019/06/bg_h1.jpg
IP 172.67.167.191:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1281, components 3\012- data
Size 356 kB (356138 bytes)
Hash 653d88110d1c89d22b1e2b68d5ebe46c
749fe4f2ae14e21cf41a5fd9e0ea58de4ad1372c
d5deea655ab50095076a80483d7371d0b01f4b252b8283027ff6718d9037a1aa
GET /konstruktic/wp-content/uploads/2019/06/bg_h1.jpg HTTP/1.1
Host: source.wpopal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: image/jpeg
Content-Length: 356138
Connection: keep-alive
Last-Modified: Thu, 15 Aug 2019 06:52:36 GMT
ETag: "56f2a-59022519bb500"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXpJaiQN7yRnUA2rq73HMki7Xler1ZiFTqZmy9eF8e%2FwIAftWQre6mKi5TfyFV768oTNCd0FVeQxqOVvYH4%2FFhbFJYOAMEWa%2FQvJiy1CPqQ1dK8QfiDBkCsXB7XZXzxxxJYAvg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967cbfe5b65b524-OSL
alt-svc: h2=":443"; ma=60
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/jquery.smartmenus.min.js?ver=2.0.0
80.87.203.86 200 OK 24 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/jquery.smartmenus.min.js?ver=2.0.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (24459)
Hash f37878df1d94bbea0dfb7e85612888ec
19df702835ff55ce5a9b76b9974f8597cc528c6a
2fe668f50e1b19f758d3a06ac0c60b0e869c6b31fa1ab43190b6af3dd4f46b8e
GET /wp-content/plugins/konstruktic-core/assets/js/libs/jquery.smartmenus.min.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 24548
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-5fe4"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/TweenMax.min.js?ver=2.0.0
80.87.203.86 200 OK 115 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/TweenMax.min.js?ver=2.0.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (32059)
Size 115 kB (115318 bytes)
Hash ae12e96c807825bb94359cf77eef2499
eb2516eafea1ba31cfa659f255bc567236658e78
3cde4552b576851bbf6901f8f77ee75dc88ddc32e4368dccc88ac78008336b76
GET /wp-content/plugins/konstruktic-core/assets/js/libs/TweenMax.min.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 115318
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-1c276"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-includes/js/wp-util.min.js?ver=6.0
80.87.203.86 200 OK 1.3 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/js/wp-util.min.js?ver=6.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (1305)
Hash 8637362089372427b52fa10a43d8109c
6009bed674718329dce6055ab09fa95181162d81
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-util.min.js?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 1340
Last-Modified: Fri, 25 Jun 2021 14:50:58 GMT
Connection: keep-alive
ETag: "60d5ed52-53c"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/themes/konstruktic/assets/js/theme.js?ver=1.0
80.87.203.86 200 OK 20 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/js/theme.js?ver=1.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (564)
Hash a52b8c5eb07a7254da2e30c18455b630
d30dbc1737bade4a8947e7499513bb80c7db81f1
aca43339941ee394e224d1200781b7103c1651aa445efcf8aa24bac23e81b8b4
GET /wp-content/themes/konstruktic/assets/js/theme.js?ver=1.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 20135
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
Connection: keep-alive
ETag: "6280fc15-4ea7"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/themes/konstruktic/assets/js/sticky-layout.js?ver=6.0
80.87.203.86 200 OK 4.6 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/js/sticky-layout.js?ver=6.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (4515)
Hash cb0e643b9725c79447ef12292e6d4942
9de76498685800322d215bdca8797483554982c6
f77afc62a6126a044513b51fd4e091b0e311f20f2d44da0a72d4629e2c69580a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/konstruktic/assets/js/sticky-layout.js?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 4558
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
Connection: keep-alive
ETag: "6280fc15-11ce"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
80.87.203.86 200 OK 1.8 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
IP 80.87.203.86:0
File type ASCII text, with very long lines (1801), with no line terminators
Hash 4d43b2fcb5ef3e6afdcd539f46148514
0ff4d5160beb004c439b20c6343044917c629d10
9aa9bb8be2b834059533ce5de7eed3a662ad3d3e70643bbe5f75265075e9bd28
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 1801
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-709"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/themes/konstruktic/assets/js/navigation.js?ver=1.0
80.87.203.86 200 OK 1.0 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/js/navigation.js?ver=1.0
IP 80.87.203.86:0
Hash be3a3a84012476b18895252164b54eb6
eed28d48a4a177e91dd4d45eab2889bc497be23c
05d1502032b38198698d45f8e2346039a9fad3f1644911f64e82c1912abbc98c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/konstruktic/assets/js/navigation.js?ver=1.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 1008
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
Connection: keep-alive
ETag: "6280fc15-3f0"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-includes/js/underscore.min.js?ver=1.13.3
80.87.203.86 200 OK 19 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/js/underscore.min.js?ver=1.13.3
IP 80.87.203.86:0
File type ASCII text, with very long lines (18876)
Hash 42aa17e1f850a414638ee4a32a3aa807
2e42d03a5e042701191650c041eae1cfb2d6c7b9
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 18911
Last-Modified: Mon, 30 May 2022 07:34:33 GMT
Connection: keep-alive
ETag: "62947389-49df"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-includes/js/imagesloaded.min.js?ver=4.1.4
80.87.203.86 200 OK 5.6 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 80.87.203.86:0
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 5629
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
Connection: keep-alive
ETag: "5ee520a7-15fd"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5
80.87.203.86 200 OK 5.0 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5
IP 80.87.203.86:0
File type ASCII text, with very long lines (4921)
Hash d4be732d829fad2ba26dc46b43a86223
bf0380f5c0aaf1c45cf298f68f011d11cb1b3bfd
b6d39822e34f949768c8aa5d6c99e4cde5013f2221990bf58137e8e2913d4ba7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 4960
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-1360"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
80.87.203.86 200 OK 19 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 80.87.203.86:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 19142
Last-Modified: Mon, 30 May 2022 07:34:33 GMT
Connection: keep-alive
ETag: "62947389-4ac6"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5
80.87.203.86 200 OK 14 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5
IP 80.87.203.86:0
File type ASCII text, with very long lines (14238)
Hash 6fbda71318de346ec1430e8202aaaecb
b60a62613c3dbbd6409677a76176523f339a5029
eebb7c9b62d8028d702b547bcef97e776ada693cbafa64161471b1f96f5d0556
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 14277
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-37c5"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
80.87.203.86 200 OK 21 kB URL HTTP/1.1 krym-stroy.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 80.87.203.86:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6aaf0a4e8eac131defea126f5b1b5fbf
24da0326af36303e5a1e9799a3c26f7a1077928c
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 20715
Last-Modified: Mon, 30 May 2022 07:34:33 GMT
Connection: keep-alive
ETag: "62947389-50eb"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/isotope.pkgd.min.js?ver=2.0.0
80.87.203.86 200 OK 35 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/libs/isotope.pkgd.min.js?ver=2.0.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (32019)
Hash 2afcff647ed260006faa71c8e779e8d4
c4e5994f24ee8c8d2cf2d6602f0b56b9096a2e98
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/js/libs/isotope.pkgd.min.js?ver=2.0.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 35445
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-8a75"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
80.87.203.86 200 OK 129 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 80.87.203.86:0
File type ASCII text, with very long lines (45108)
Size 129 kB (128668 bytes)
Hash fb0dc63ed31433d3e16526f9e415d57e
3d4029b9f66e3f3c086eba04a02c140660a94acb
559f367b8631134334b4870bed568b019af144c801b574a252e337d4e837a05a
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 128668
Last-Modified: Sun, 15 May 2022 13:34:32 GMT
Connection: keep-alive
ETag: "62810168-1f69c"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.5
80.87.203.86 200 OK 2.6 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.5
IP 80.87.203.86:0
File type ASCII text, with very long lines (2577)
Hash 9bb8540493a7fe11b229870eb37be165
d77f17cb9057dc8f622b8c0bf23f6acb739b3b8e
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.5 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:11 GMT
Content-Type: application/javascript
Content-Length: 2578
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-a12"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
80.87.203.86 200 OK 11 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (10544)
Hash 4eee50ac6f4f364ba3a284d0753ddae3
a8e7e824e6824ae0b370ff36e2c07ca07276fae0
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:11 GMT
Content-Type: application/javascript
Content-Length: 10682
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-29ba"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
80.87.203.86 200 OK 12 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 80.87.203.86:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 12198
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-2fa6"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.5
80.87.203.86 200 OK 38 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.5
IP 80.87.203.86:0
File type ASCII text, with very long lines (37702)
Hash 4373bd97c68561c372df737c04ecbe77
09bf1dd395b2039b32b1925cdc189a4018265661
bccb715aeac8a50b19f527b17f3a1e86142e1b8ad8711c3195ce297696feb490
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.5 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:11 GMT
Content-Type: application/javascript
Content-Length: 37741
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-936d"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.5
80.87.203.86 200 OK 43 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.5
IP 80.87.203.86:0
File type ASCII text, with very long lines (43353)
Hash 567ad0e1580d005d2432d1dd02cd4531
e0d44991720f7d58b6084deb8e44c790622b8dd9
f3b168c097d61acde0e2bdf43e11db394006f4ba38f8e61b93b8c71f54af484a
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.5 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:11 GMT
Content-Type: application/javascript
Content-Length: 43392
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-a980"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/revslider/public/assets/assets/dummy.png
80.87.203.86 200 OK 68 B URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 80.87.203.86:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:11 GMT
Content-Type: image/png
Content-Length: 68
Last-Modified: Sun, 15 May 2022 13:34:32 GMT
Connection: keep-alive
ETag: "62810168-44"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/elementor/frontend.js?ver=6.0
80.87.203.86 200 OK 39 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/konstruktic-core/assets/js/elementor/frontend.js?ver=6.0
IP 80.87.203.86:0
File type ASCII text, with very long lines (31960)
Hash d1268c98006af605357ac7cc0d6a42c4
a430313b2210d5d78f54c2ae35bb56f842bd1904
79aa286349e5b0a98cdfbf6ca05c746024a1eca3e82571f53a143b384ccf43af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/konstruktic-core/assets/js/elementor/frontend.js?ver=6.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:11 GMT
Content-Type: application/javascript
Content-Length: 39294
Last-Modified: Sun, 15 May 2022 13:12:38 GMT
Connection: keep-alive
ETag: "6280fc46-997e"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/uploads/2022/05/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA_%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0_%D0%BE%D1%82_2022-05-15_16-38-24-removebg-preview.png
80.87.203.86 200 OK 46 kB URL HTTP/1.1 krym-stroy.ru/wp-content/uploads/2022/05/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA_%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0_%D0%BE%D1%82_2022-05-15_16-38-24-removebg-preview.png
IP 80.87.203.86:0
File type PNG image data, 355 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash 8cb5b229a9b30f15f185427788b8c6aa
30725d9e24412b26782121f8754eb5fdf4e74b62
cf6a8f34301f52d94b35a74188d39fd1ece5d074b7c67997bee565144a6a3467
GET /wp-content/uploads/2022/05/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA_%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0_%D0%BE%D1%82_2022-05-15_16-38-24-removebg-preview.png HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:11 GMT
Content-Type: image/png
Content-Length: 45774
Last-Modified: Sun, 15 May 2022 13:39:07 GMT
Connection: keep-alive
ETag: "6281027b-b2ce"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.21
80.87.203.86 200 OK 390 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.21
IP 80.87.203.86:0
File type ASCII text, with very long lines (64288)
Size 390 kB (389903 bytes)
Hash 8e53999265fbc90f4df36b4e5a299f5a
65052bce9ca2959d5cb8e83f128ffc53f096e8aa
55c0879610cbf532a6fdb4e5067d78cd891e1390a8b8483398d479fea98abbd4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.21 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 389903
Last-Modified: Sun, 15 May 2022 13:34:32 GMT
Connection: keep-alive
ETag: "62810168-5f30f"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/wp-content/themes/konstruktic/assets/fonts/fontawesome-webfont.woff?v=4.7.0
80.87.203.86 200 OK 98 kB URL HTTP/1.1 krym-stroy.ru/wp-content/themes/konstruktic/assets/fonts/fontawesome-webfont.woff?v=4.7.0
IP 80.87.203.86:0
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/konstruktic/assets/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krym-stroy.ru/wp-content/themes/konstruktic/assets/css/opal-icons.css?ver=6.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:11 GMT
Content-Type: application/font-woff
Content-Length: 98024
Connection: keep-alive
Last-Modified: Sun, 15 May 2022 13:11:49 GMT
ETag: "17ee8-5df0ca6776f40"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
krym-stroy.ru/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
80.87.203.86 200 OK 139 kB URL HTTP/1.1 krym-stroy.ru/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 80.87.203.86:0
File type ASCII text, with very long lines (65280)
Size 139 kB (139153 bytes)
Hash 15bb2b8491fc7e84137d65f610e1685a
cd76b70a5426893e9c022b9a75c50a7c1348e2d0
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:10 GMT
Content-Type: application/javascript
Content-Length: 139153
Last-Modified: Sun, 15 May 2022 13:12:35 GMT
Connection: keep-alive
ETag: "6280fc43-21f91"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
krym-stroy.ru/favicon.ico
80.87.203.86 200 OK 932 B URL HTTP/1.1 krym-stroy.ru/favicon.ico
IP 80.87.203.86:0
File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Hash 8e447455b4a3bfbd4fb949f107f966a2
aae3f23b71c30b42d17b2394be293d16e759e4b1
3fba269d88ee2db7651cb62a756acde5f176c2d71dd8e3411bab0f391390f53c
GET /favicon.ico HTTP/1.1
Host: krym-stroy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 Feb 2023 22:28:12 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 932
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:34:01 GMT
ETag: "3a4-5e92e52420cdf"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
fonts.googleapis.com/css?family=Montserrat%3A400%7CMontserrat%3A400&subset=cyrillic%2Ccyrillic
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A400%7CMontserrat%3A400&subset=cyrillic%2Ccyrillic
IP 142.250.74.74:0
GET /css?family=Montserrat%3A400%7CMontserrat%3A400&subset=cyrillic%2Ccyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 22:28:08 GMT
date: Wed, 08 Feb 2023 22:28:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CHind%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=cyrillic&ver=6.0
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CHind%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=cyrillic&ver=6.0
IP 142.250.74.74:0
GET /css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CHind%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=cyrillic&ver=6.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krym-stroy.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 22:28:09 GMT
date: Wed, 08 Feb 2023 22:28:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2