mai-avto.ru/
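78.110.50.142 301 Moved Permanently 0 B IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(The three values above are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B redirect body; they match any empty response and do not identify this site.)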
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
x-powered-by: PHP/7.2.34
x-redirect-by: WordPress
Location: https://mai-avto.ru/
content-length: 0
content-type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2911
Expires: Fri, 11 Nov 2022 19:42:55 GMT
Date: Fri, 11 Nov 2022 18:54:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4929
Cache-Control: max-age=147552
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:54:24 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 11:53:36 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 11 Nov 2022 18:43:54 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 630
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21055
Expires: Sat, 12 Nov 2022 00:45:19 GMT
Date: Fri, 11 Nov 2022 18:54:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VK8wnim/FSjvTz7S5AWO/tAhfbbZ3PQ+z39flENMuNo3Y9sP+dg2E7KsrxAQA5+IvJVuLIkV1Rw=
x-amz-request-id: 2T1PR9VNHY4B76XG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 11 Nov 2022 18:49:55 GMT
age: 269
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 18:54:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 86342500def461cf5ea481d26b51954d
526d23e7bb3693c587afb3dae2bd7e25a1d774bb
f760619cf1a777b9d1a4e32657dc86b6bb33aeb475fe1297242fec35c1118a57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F760619CF1A777B9D1A4E32657DC86B6BB33AEB475FE1297242FEC35C1118A57"
Last-Modified: Fri, 11 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 12 Nov 2022 00:54:24 GMT
Date: Fri, 11 Nov 2022 18:54:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 11 Nov 2022 18:24:58 GMT
cache-control: public,max-age=3600
age: 1766
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
mai-avto.ru/wp-includes/css/classic-themes.min.css?ver=1
78.110.50.142 200 OK 217 B URL HTTP/2 mai-avto.ru/wp-includes/css/classic-themes.min.css?ver=1
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
last-modified: Wed, 02 Nov 2022 08:32:03 GMT
etag: "d9-5ec78acd87167"
accept-ranges: bytes
content-length: 217
content-type: text/css
X-Firefox-Spdy: h2
mai-avto.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.1
78.110.50.142 200 OK 95 kB URL HTTP/2 mai-avto.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type ASCII text, with very long lines (47826)
Hash 4cdcd4a2c77fccb74825eaf2d6733091
00d4ad404f681af9044bb4cc6ed5e2e9f641cc4a
187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 08:32:03 GMT
accept-ranges: bytes
content-length: 94821
content-type: text/css
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "17265-5ec78acd865af"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.1
78.110.50.142 200 OK 19 kB URL HTTP/2 mai-avto.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 May 2022 20:42:36 GMT
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "48b9-5dfc7ff2da59c"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
78.110.50.142 200 OK 2.7 kB URL HTTP/2 mai-avto.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:15:35 GMT
accept-ranges: bytes
content-length: 2731
content-type: text/css
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "aab-5dbeb64977bc0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
78.110.50.142 200 OK 37 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
Hash 8a05fa8c423a84fcf025ead95c16ca14
013469b719ad858021cb4c292dd4b7ad6daa514e
7c9538abb165adc6d0803822959fc5844ccee39ec94444abca11c5ebad678c5f
GET /wp-content/themes/auto/style.css?ver=6.1 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:00:46 GMT
accept-ranges: bytes
content-length: 36972
content-type: text/css
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "906c-5dbeb2f9a6b80"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/assets/css/libs.min.css?ver=6.1
78.110.50.142 200 OK 190 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/css/libs.min.css?ver=6.1
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type ASCII text, with very long lines (65326)
Size 190 kB (190065 bytes)
Hash 33c55525ebfc4a2583dbe7d47d3a21f7
6a121b98533a3330563a21df84e0f28effeed51a
d1e2f9e6ff07cf78fc6f7f46f2d4ba4da48e2a3e83da2e174d23f6279d8cad76
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/assets/css/libs.min.css?ver=6.1 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:16:27 GMT
accept-ranges: bytes
content-length: 190065
content-type: text/css
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "2e671-5dbeb67b0f0c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/assets/js/script.js?ver=6.1
78.110.50.142 200 OK 1.1 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/js/script.js?ver=6.1
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
Hash aee96bd3934a79c60c22b8c0738212c8
09a0f4a319d04df6a1cdcb05de360b44dff77d68
44eee5df2367dd8feb637953924e820432f75c8327c479a8d39a1f3a7b5b34cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/assets/js/script.js?ver=6.1 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Apr 2022 06:06:27 GMT
accept-ranges: bytes
content-length: 1076
content-type: application/javascript
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "434-5dbf6296cfec0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/assets/js/jquery.min.js?ver=6.1
78.110.50.142 200 OK 87 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/js/jquery.min.js?ver=6.1
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/assets/js/jquery.min.js?ver=6.1 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:17:43 GMT
accept-ranges: bytes
content-length: 86927
content-type: application/javascript
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1538f-5dbeb6c389bc0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/logo.png
78.110.50.142 200 OK 7.6 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/logo.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 148 x 142, 8-bit/color RGBA, non-interlaced\012- data
Hash 55c937c94272a7ad122a05f2e5d876db
c6963b48dda22c33a7e2234888723bfc95c92a1e
ddb527561bed458e3f21224ab7f97da35763e7cb2905972acd24a81abefb28b8
GET /wp-content/themes/auto/images/logo.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:07:23 GMT
accept-ranges: bytes
content-length: 7579
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1d9b-5dbeb474428c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/roub.png
78.110.50.142 200 OK 4.6 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/roub.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash af767a129b47f86734d7f32ea42eea8b
1f46fc93451947f1ae187237cfd266560680e657
1c426570ad80190edf69b1892b6c3330c0d809f7d4cf3d74c386beb7000be6ed
GET /wp-content/themes/auto/images/roub.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:17 GMT
accept-ranges: bytes
content-length: 4595
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "11f3-5dbeb4a7c2240"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/assets/js/libs.min.js?ver=6.1
78.110.50.142 200 OK 226 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/js/libs.min.js?ver=6.1
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type ASCII text, with very long lines (59893)
Size 226 kB (226073 bytes)
Hash b34f074f17a2ef456bfe986e51687890
8df3ac241240e95dee52ea676832b968699fc564
38d8592f2cdf8a5065fe0265dcd82044148663812dd1af0456d6c807c65c3726
GET /wp-content/themes/auto/assets/js/libs.min.js?ver=6.1 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:17:43 GMT
accept-ranges: bytes
content-length: 226073
content-type: application/javascript
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "37319-5dbeb6c389bc0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/right.png
78.110.50.142 200 OK 1.7 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/right.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 48 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash bc8fb33e81c7c31c78b12a7d65045c34
6992a93017e670b650af30ff3e07f40f638e3ffc
56e390a44ae3edc41ca33885f1b35a4b62e9d1934836aa2ae7a1854588caa1f8
GET /wp-content/themes/auto/images/right.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:16 GMT
accept-ranges: bytes
content-length: 1726
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "6be-5dbeb4a6ce000"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/star.svg
78.110.50.142 200 OK 287 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/star.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 0261c03d6da30c44cdce88c087bcad64
c396af8866f36730457a2714582615fb2279cab0
07d08d0e0bb60bce3aaa51c0e4863619c41f103d5061cebc2b8d81120ee4d53e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/star.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:56 GMT
accept-ranges: bytes
content-length: 287
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "11f-5dbeb4ccf3a00"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/star-wh.svg
78.110.50.142 200 OK 285 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/star-wh.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 452814432eb699e168725adfc26a9b9b
0f04327929ed9edb5296b50c82dd3e8846ef37db
fed50f53a95318aded52d99ea000cfbb186b150112409091b590fea91d4b485c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/star-wh.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:55 GMT
accept-ranges: bytes
content-length: 285
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "11d-5dbeb4cbff7c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/roub.svg
78.110.50.142 200 OK 1.1 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/roub.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1043)
Hash feeca61305353029b5b489345aa63b40
702e8d5a0744d4a40600b42d9f6cd13c8f3f25ef
addb64d24b91b68c8dc52fdae44374543818cc0293e1cc6b70710203f4cbea9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/roub.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:18 GMT
accept-ranges: bytes
content-length: 1147
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "47b-5dbeb4a8b6480"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/cart.png
78.110.50.142 200 OK 2.5 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/cart.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 7fb3a6f28cfd8bf0b280c1234215bc65
79ea2bb8e77b5492fcf31d442bee1735446b0506
1bfd9649bc3aa7bf94667f0adcc02ef45f5a0fd59d4f7c87fff03b2d7a4b4cf3
GET /wp-content/uploads/2022/03/cart.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:55 GMT
accept-ranges: bytes
content-length: 2543
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "9ef-5dbeb53e705c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/left.png
78.110.50.142 200 OK 388 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/left.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 20 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash cb31313c98809c7812f0d051eb53ab10
3c174d2fb4c5c85884b1fc93d46c2e7f71d4bfff
083beff062a770307e2031c9cf1f902c8ae90b275e8036cbaababd652340618e
GET /wp-content/themes/auto/images/left.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:07:20 GMT
accept-ranges: bytes
content-length: 388
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "184-5dbeb47166200"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/like.png
78.110.50.142 200 OK 2.5 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/like.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash c78e353a0db452ed01f9fc1b50ed6d68
5f46995ff438889ae1763b0540125166de7f3310
05c473e6d8af746d7b6a0579f4001192536f7107e7905330b8a0669af6238e1f
GET /wp-content/uploads/2022/03/like.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:11:06 GMT
accept-ranges: bytes
content-length: 2529
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "9e1-5dbeb548ede80"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/test.png
78.110.50.142 200 OK 1.5 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/test.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 86 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fbc8979734d6f31f2b57d961edbc243
14967f77065e8d263566f4b6bee5e287de9c7c84
85a0e95eac88c21f71ba9f1ca09d43ff48370655fc1c186b97537625e9a3f449
GET /wp-content/uploads/2022/03/test.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:12:37 GMT
accept-ranges: bytes
content-length: 1450
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "5aa-5dbeb59fb6b40"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/left1.png
78.110.50.142 200 OK 371 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/left1.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 24 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash f3acf45cd9ba82f78c62e3581d76959c
32e57a176aec70e6135df3a580321b9c12bc0921
912ec5311a39401868de978f2b97190d975121870686369b48c9b0448f5317b0
GET /wp-content/themes/auto/images/left1.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
last-modified: Tue, 05 Apr 2022 17:07:22 GMT
etag: "173-5dbeb4734e680"
accept-ranges: bytes
content-length: 371
content-type: image/png
x-cache: MISS from hc2.hts.ru
x-cache-lookup: MISS from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/right2.png
78.110.50.142 200 OK 379 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/right2.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 24 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash 2789b564b57a263b40720aaa00d82d6e
634654575d69d99bd9fe5676098507ee174d77eb
fa8d8e7652bfd5802fd9bfaaeb540fd912ec6478db9e3fae2751aeaa5cbd5f8a
GET /wp-content/themes/auto/images/right2.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:17 GMT
accept-ranges: bytes
content-length: 379
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "17b-5dbeb4a7c2240"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1884
Cache-Control: max-age=139431
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:54:25 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 09:38:16 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
mai-avto.ru/wp-content/themes/auto/images/tg.svg
78.110.50.142 200 OK 7.6 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/tg.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7446)
Hash 47d1819f9a34fdd88d1761ab9fe6e4e5
790bb1c068b14507d3e5d6fe9c7d3ff60b73ed14
3772fac3909c42fd363bf86a4dd5163771c787c8550a9d7af69bd4e5964b05a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/tg.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:58 GMT
accept-ranges: bytes
content-length: 7623
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1dc7-5dbeb4cedbe80"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/auto4.jpg
78.110.50.142 200 OK 74 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/auto4.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 303x180, components 3\012- data
Hash 950066e45f898c6e834a2bb2e9d004e8
5b14b25053f5c2671297e5627b15f9961a5a4717
d32b5eec783b220a07bcac5e2774debe03bfb5f3c8752a9e0b45ff95dd5d798b
GET /wp-content/uploads/2022/03/auto4.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:55 GMT
accept-ranges: bytes
content-length: 73671
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "11fc7-5dbeb53e705c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/auto3.png
78.110.50.142 200 OK 89 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/auto3.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 303 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 96daf305ee969275a20ed02d9a3a927e
37eb2c7211e220f8a49e166983adca73b22bce9c
dee7620dfe4fad498257c9f5cfad4a0ceff77b7a26266b6e64683716e464b843
GET /wp-content/uploads/2022/03/auto3.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:51 GMT
accept-ranges: bytes
content-length: 89118
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "15c1e-5dbeb53a9fcc0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/man.png
78.110.50.142 200 OK 408 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/man.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 553 x 820, 8-bit/color RGBA, non-interlaced\012- data
Size 408 kB (408380 bytes)
Hash b3961b82ebf917a78ebdca5b9f6d96bd
2603e3a64e7c8c46becc645095f6d5576c1e6d87
d62302dcfadc06bb8cc524973bca7b1b3a08c615d96c739cef7e6f85cc320f5e
GET /wp-content/themes/auto/images/man.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:07:50 GMT
accept-ranges: bytes
content-length: 408380
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "63b3c-5dbeb48e02580"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/arrow.svg
78.110.50.142 200 OK 1.2 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/arrow.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (370)
Hash dbe8836c6ce6cbeaf0bab0aee9597100
1176019c18aa43446d4eddb8229208d534ddfbcd
c1f1cbc6748435e7bfa659502dbe48c0193e9a0e7dd7cf71c57bf2a63cbf70f5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/arrow.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:05:22 GMT
accept-ranges: bytes
content-length: 1223
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "4c7-5dbeb400dd880"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/auto1.png
78.110.50.142 200 OK 107 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/auto1.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 303 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size 107 kB (107446 bytes)
Hash 0f16fe53935498885e895690ae1e309f
acc4c6b8ebb162492f4f674090f006bf9eb14555
a66e226c5e9b4be613bae2321f8d7d22ae5b480e1d11733b9711c456b6bdc484
GET /wp-content/uploads/2022/03/auto1.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:42 GMT
accept-ranges: bytes
content-length: 107446
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1a3b6-5dbeb5320a880"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/a5.png
78.110.50.142 200 OK 105 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/a5.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 303 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size 105 kB (104647 bytes)
Hash c6992937f1b93a3f5e5309e48f152854
80aeb2a3242182273c010331807462f5002e1a5a
9bb4241465db482e09aa918d38a8c63d2603c7c37f549c92579e7d3b02c9e569
GET /wp-content/uploads/2022/03/a5.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:33 GMT
accept-ranges: bytes
content-length: 104647
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "198c7-5dbeb52975440"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/down.svg
78.110.50.142 200 OK 515 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/down.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (411)
Hash d2f1109f9ed33fce5d6ebd344f1d0de0
5d531a284f19ce819003e44ea9db470ac09f4cd8
8b58cb1b793965cdd468c7c09eb26a00d1f38ab6667c0fd87919625af3ba3a87
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/down.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:06:09 GMT
accept-ranges: bytes
content-length: 515
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "203-5dbeb42db0240"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/down-c.svg
78.110.50.142 200 OK 643 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/down-c.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (443)
Hash 8ea49c444888fca4f0130706d48a1511
98d4925fd9a65e5b13b207a0fe3c28f86e38d370
1606c44b1e08c65ccae0d2ca46a383ac2f4a47e623c338c9d3106ee12fb9542d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/down-c.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:06:08 GMT
accept-ranges: bytes
content-length: 643
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "283-5dbeb42cbc000"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/roubl.svg
78.110.50.142 200 OK 1.2 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/roubl.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1103)
Hash cbf1373effcb2df3c44c926bb56f7f29
04c612b2952193f2cc4928764f9d70b32815583b
ee15704d5c7ab4e31699ccdba47f24a40b55b5a41a5eefce66f2e603dce83e10
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/roubl.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:18 GMT
accept-ranges: bytes
content-length: 1207
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "4b7-5dbeb4a8b6480"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/gear.png
78.110.50.142 200 OK 2.6 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/gear.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash c480265bdaa3123fd209aafc58b0921f
43132f408813908ca4fd71e6f4f5f1b76a5f358d
f63af2ec5125d9f2e73f2d81d0762b05b0da17b3944ee219e45b81a3115b182f
GET /wp-content/uploads/2022/03/gear.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:11:01 GMT
accept-ranges: bytes
content-length: 2627
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "a43-5dbeb54429340"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/right1.png
78.110.50.142 200 OK 407 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/right1.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 20 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d3d04284dda96ddf034f6bb989f9a21
1d8ecf43d9948e3b9c79b2973e4ae5adab040a64
eea75619c223bb1a072bfaab088b0270d810405715458ac8eb39c0e797f52825
GET /wp-content/themes/auto/images/right1.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:17 GMT
accept-ranges: bytes
content-length: 407
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "197-5dbeb4a7c2240"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/wa.svg
78.110.50.142 200 OK 2.7 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/wa.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2595)
Hash 7928f0fd64ac50e060237fd69c747fcf
8c7474d0928215ec3924db41990a84812de5f0d7
5b95c6b07372c0d05fbb748c657d714e94c80480bff424ade42faeb98e66eb52
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/wa.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:09:35 GMT
accept-ranges: bytes
content-length: 2699
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "a8b-5dbeb4f2251c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/arr.svg
78.110.50.142 200 OK 472 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/arr.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368)
Hash caee88dc650d137abdc2adb7a1b86f0a
9d5fd2dd7491ab275564ecba3cdd4f7353c7e8bb
9c1185afce1666cabbeb17ef04bc8fd43c79a1bb5288144867f77df4fbd0feb1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/arr.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:05:21 GMT
accept-ranges: bytes
content-length: 472
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1d8-5dbeb3ffe9640"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/green-arr.png
78.110.50.142 200 OK 349 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/green-arr.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 50 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 8157911505a2beffe09c92521af97baf
e17d46e04c8e63be9d4a454ad6cdf7337cb3df99
0f68b3ee030570b08f11dc2ad9725628803da724e06707e1e2f508c1c6fff023
GET /wp-content/themes/auto/images/green-arr.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:06:23 GMT
accept-ranges: bytes
content-length: 349
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "15d-5dbeb43b0a1c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:54:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mai-avto.ru/wp-content/themes/auto/images/arrow-r.svg
78.110.50.142 200 OK 474 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/arrow-r.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (370)
Hash b142b24c862b1d91ec81b5c39e2c6088
2039c79a18359a376712e9d522b6158898d0cf13
f663e893bc06521ba2249ac7c72affd69f820ada6eb87f67bc1963440fade8d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/arrow-r.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:05:22 GMT
accept-ranges: bytes
content-length: 474
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1da-5dbeb400dd880"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/right-a.svg
78.110.50.142 200 OK 532 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/right-a.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (374)
Hash 1fa4f0f3757bc59203cc79219bf119ed
a3a86135e7fdfcf13806f7e99c856d7261c2412b
e6cc53aa90c850ea8f1cf7b39cec3b2a0591ddfadf8f1ab86377dc89a01d8d6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/right-a.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:16 GMT
accept-ranges: bytes
content-length: 532
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "214-5dbeb4a6ce000"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/log.png
78.110.50.142 200 OK 7.6 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/log.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 148 x 142, 8-bit/color RGBA, non-interlaced\012- data
Hash dded5ed0cc2173d66feab7c2c58ec435
02669c8e37acec05227030249ee316942cecf536
f7a8c06069e28280a0ed546d1e49f76de4abf6d7101fed4c948c79329ecbe1ba
GET /wp-content/themes/auto/images/log.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:07:23 GMT
accept-ranges: bytes
content-length: 7603
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1db3-5dbeb474428c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/car5.png
78.110.50.142 200 OK 10 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/car5.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 261 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash edac44cee2cfa232ddffcce1c0d43038
6156922c366fc07a1360498b0cdd5844035d909c
77d820d0117cf60dfa07a26922a527cdc92f7362cbdb09fa86013c85d8adcfb2
GET /wp-content/themes/auto/images/car5.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:05:56 GMT
accept-ranges: bytes
content-length: 10447
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "28cf-5dbeb4214a500"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/tg1.png
78.110.50.142 200 OK 1.2 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/tg1.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash eda7abcbc9c2ac769a50dbb5f5405476
3c92398f1ba88e6b26f5f7d479ffc76d59eb4a66
d4164bc0614500aeea4c9b34b743fb4ebd4b27b0933ee87a034e4e6c2e6b19a8
GET /wp-content/themes/auto/images/tg1.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:58 GMT
accept-ranges: bytes
content-length: 1232
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "4d0-5dbeb4cedbe80"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/wa1.png
78.110.50.142 200 OK 2.5 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/wa1.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 7769b9361c6b646370e8d91c2240e963
59b6905ebaddb005ba153d3fac9c94577bff0011
9e918add9c94f48f2b1f4d126ae94d84fd36143a5056b0237b96f79d40d64bd7
GET /wp-content/themes/auto/images/wa1.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:09:36 GMT
accept-ranges: bytes
content-length: 2488
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "9b8-5dbeb4f319400"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/st1.svg
78.110.50.142 200 OK 4.3 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/st1.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (4268), with no line terminators
Hash d6a2c5d2a73f21b23a87b198b36cd542
66558fd24eebca5683cd8aa176dc90ead167fb64
9496b6dd018a658a72b599deb6667f56dc3146d40a19f6917f9b1eba35ce9f31
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/st1.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:12:06 GMT
accept-ranges: bytes
content-length: 4268
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "10ac-5dbeb58226580"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/mail.svg
78.110.50.142 200 OK 848 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/mail.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (744)
Hash f723b40e222ec1ebe147ee46200ba1ff
c3e7cfeeba4b2ec56e08867ef2c146ba0e6e9ce8
8d162af573f3eec8d0d2ebfd89ed484cc3e00337c94fa954326db927136f7cc8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/mail.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:07:26 GMT
accept-ranges: bytes
content-length: 848
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "350-5dbeb4771ef80"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/mark.svg
78.110.50.142 200 OK 1.2 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/mark.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1051)
Hash 1127a17c167d650bf80e9e65ecd444b8
f21d26c57c20087fb6ac6566dd88067e8bedd926
d980adb05ce5b2032ce9595be88ff91256ab8b62af17490dc64ffe9ed5e72bba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/mark.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:07:56 GMT
accept-ranges: bytes
content-length: 1155
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "483-5dbeb493bb300"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/st2.svg
78.110.50.142 200 OK 8.1 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/st2.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (8077), with no line terminators
Hash 4be2b840a84ae966785266307fcb42d0
8c54d7bb041f1a3f1b807af2c6ebbdaa9306b3ba
5ed914bbd0d12554013e5549448d710cf235ea30e82022f45da465e30ea73dbb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/st2.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:12:07 GMT
accept-ranges: bytes
content-length: 8077
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1f8d-5dbeb5831a7c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
78.110.50.142 200 OK 6.5 kB URL HTTP/2 mai-avto.ru/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 May 2022 20:42:36 GMT
accept-ranges: bytes
content-length: 6475
content-type: application/javascript
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "194b-5dfc7ff2c848e"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/
78.110.50.142 200 OK 196 kB IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Size 196 kB (196475 bytes)
Hash 5d538773f4a3b4e39722422247d29d74
fd3fcd6ed198f9cb94acea5af9a064b33c0cbd7f
064df8686257726a7b5db37d9fdc06e623b3a8b8f326ea70f18aeee605c1c5bb
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
x-powered-by: PHP/7.2.34
link: <https://mai-avto.ru/wp-json/>; rel="https://api.w.org/", <https://mai-avto.ru/wp-json/wp/v2/pages/28>; rel="alternate"; type="application/json", <https://mai-avto.ru/>; rel=shortlink
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/denisova.jpg
78.110.50.142 200 OK 273 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/denisova.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 550x851, components 3\012- data
Size 273 kB (272876 bytes)
Hash ee5ba9cf35ab7198a68522cbc047ba18
91ac54f76363922320fb8db955c71bc258f439c0
db236ccd40ea48454e7eaa1513fad15c597ee8a6046540ffd3aeeafc702da256
GET /wp-content/uploads/2022/04/denisova.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:14:16 GMT
accept-ranges: bytes
content-length: 272876
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "429ec-5dbeb5fe20a00"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/korotkov.jpg
78.110.50.142 200 OK 312 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/korotkov.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 550x851, components 3\012- data
Size 312 kB (311677 bytes)
Hash 0397efe6a35b4b05ed9954cd4c86fc58
5085f60cbda3be55a9a8efbf258e118272d720c5
dde28b77df4364d030ea78be775fe44a5655ecd892b0ec4496719c8d1bf6aad1
GET /wp-content/uploads/2022/04/korotkov.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:14:42 GMT
accept-ranges: bytes
content-length: 311677
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "4c17d-5dbeb616ec480"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/tel.svg
78.110.50.142 200 OK 1.3 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/tel.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1200)
Hash e03604e5835cfba2b348a568f4893e1b
7038462d6f3cf74f4801363bd9cf2c7457d5987b
bfc20c09df3109c1d4cf395ede67a64d4b7668d867b19e527ca40edaf3c78f7d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/tel.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:57 GMT
accept-ranges: bytes
content-length: 1304
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "518-5dbeb4cde7c40"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/plugins/cf7-redirection/js/wpcf7-redirect-script.js
78.110.50.142 200 OK 2.3 kB URL HTTP/2 mai-avto.ru/wp-content/plugins/cf7-redirection/js/wpcf7-redirect-script.js
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
Hash 8d204ea7315baae0faffba3bb00971c5
bb5194793c7b0395450787c27c29f3da930c18cb
ecf6f42c7e04e1d7cbfc429774837faf9b8f7952b5f3022db6e2416ae56e42e6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cf7-redirection/js/wpcf7-redirect-script.js HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:04:25 GMT
accept-ranges: bytes
content-length: 2300
content-type: application/javascript
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "8fc-5dbeb3ca81840"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/st5.svg
78.110.50.142 200 OK 4.2 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/st5.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (4151), with no line terminators
Hash d650c58fbb4eaceabc95f51e94ac9a63
3f3543ffbfd53d303b885b7526ca56f4eaf20185
097ba4ce75a9ba33344a03432ef0b744f17c794b1d3636d6acf306667478a430
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/st5.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:12:12 GMT
accept-ranges: bytes
content-length: 4151
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1037-5dbeb587df300"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/st4.svg
78.110.50.142 200 OK 5.2 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/st4.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (5236), with no line terminators
Hash 343d1414364ddd5a7f967723ca5c9a2b
a0558d4dbdd051261b224139c8e25db88bc6b793
580e866331134577bb5f0108f69f456205904f75555fd86ae682eb5568cf8c94
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/st4.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:12:11 GMT
accept-ranges: bytes
content-length: 5236
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1474-5dbeb586eb0c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/plus.svg
78.110.50.142 200 OK 248 B URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/plus.svg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash ce33d9fffbc105c14cc77087f413bfe3
d7057252ee785afc9e8f7d0f486ad56819db9eed
78cdf24a5a537c26a26817b805f8d5773b716769f6cfec89532c5ca4ad3c3d49
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/images/plus.svg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:15 GMT
accept-ranges: bytes
content-length: 248
content-type: image/svg+xml
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "f8-5dbeb4a5d9dc0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/8.png
78.110.50.142 200 OK 299 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/8.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 464 x 662, 8-bit/color RGBA, non-interlaced\012- data
Size 299 kB (299434 bytes)
Hash 3fce656f553aa753e4188886667372df
3360b0981c1518d183109997c98b9d06cbdc5057
5cafbee9899f7efe337ddca6495572f21e31af6f8889e24e33a33a7c1295ab7e
GET /wp-content/uploads/2022/04/8.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:13:36 GMT
accept-ranges: bytes
content-length: 299434
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "491aa-5dbeb5d7fb000"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/web.png
78.110.50.142 200 OK 2.2 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/web.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 36 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e083e5492a547ded3e95b8a4ea72e23
5f3d76cfd955461ff166fea6e210ce3b63d9f615
f79bb125d143a462c454a7b8324a06e1cb70543c94470fcc1ff230e5a5677950
GET /wp-content/themes/auto/images/web.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:09:36 GMT
accept-ranges: bytes
content-length: 2152
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "868-5dbeb4f319400"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/auto2.png
78.110.50.142 200 OK 100 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/auto2.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 303 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 507cf6b649f2cb237043311d2fd75233
4558a4b4074886b23fa7b61f40600ea2354f612a
fb51a21a85c578f98756a310fda6d93b2d4fbab1ea49fb8aaf4e6b5657e72793
GET /wp-content/uploads/2022/03/auto2.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:47 GMT
accept-ranges: bytes
content-length: 99666
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "18552-5dbeb536cf3c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/video.jpg
78.110.50.142 200 OK 644 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/video.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1605x844, components 3\012- data
Size 644 kB (643931 bytes)
Hash e1df0eba12840e038582bd017450e768
a99d369d68c0a37bc41c11e0774d103d91a07f86
4860a9a0c3fe4354ca793df10493b4d8957a00b90faab5caf046d6200b811780
GET /wp-content/uploads/2022/03/video.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:13:00 GMT
accept-ranges: bytes
content-length: 643931
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "9d35b-5dbeb5b5a5f00"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6
78.110.50.142 200 OK 999 B URL HTTP/2 mai-avto.ru/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type ASCII text, with very long lines (999), with no line terminators
Hash 6a0e8318d42803736d2fafcc12238026
c955314a7e0a9a9871329b0f042c8f0b5df49a78
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:15:40 GMT
accept-ranges: bytes
content-length: 999
content-type: application/javascript
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "3e7-5dbeb64e3c700"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
78.110.50.142 200 OK 9.7 kB URL HTTP/2 mai-avto.ru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:15:36 GMT
accept-ranges: bytes
content-length: 9720
content-type: application/javascript
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "25f8-5dbeb64a6be00"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
78.110.50.142 200 OK 18 kB URL HTTP/2 mai-avto.ru/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash e495a4709e3eae31c67f8263f25d2d39
d43ba6a092e4823a71f3bff75d5ed279a481636b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 08:32:03 GMT
accept-ranges: bytes
content-length: 17823
content-type: application/javascript
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "459f-5ec78acd6c79f"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Lf-RGkfAAAAAOofyo8Z0IQ3MLAVnEkQgG4l-skU&ver=3.0
142.250.74.164 200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lf-RGkfAAAAAOofyo8Z0IQ3MLAVnEkQgG4l-skU&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 513dcc4acef5d2c8bab7d0a79daa662c
709fd23b301f81399e2a50e0753763729b9de467
a8dd81a63f9209178c479b88900d04caf3d295ccbaff53e4b6d25bae08237fa0
GET /recaptcha/api.js?render=6Lf-RGkfAAAAAOofyo8Z0IQ3MLAVnEkQgG4l-skU&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 11 Nov 2022 18:54:25 GMT
date: Fri, 11 Nov 2022 18:54:25 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/p2.jpg
78.110.50.142 200 OK 54 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/p2.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 412x175, components 3\012- data
Hash bd7660c2a52e3225c3bc5b269f2ea749
1bfbffdba77e9aed1b314a1f7a68286aacc0726d
c735f97cde2b7b5e68d6d518f6af9fa5d2077fcaa244a6d683e6a5b3f800c45b
GET /wp-content/uploads/2022/03/p2.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:11:59 GMT
accept-ranges: bytes
content-length: 54549
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "d515-5dbeb57b795c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/p1.jpg
78.110.50.142 200 OK 51 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/p1.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 412x175, components 3\012- data
Hash efbcf6dac3b62045a7661c640adcb9bf
0753cdcb427964668e22d5322be7337857f33d1b
a042b813c71f3e0d6bb8ed24a5cb12b60a8701cf412852ad855ef91370537ce0
GET /wp-content/uploads/2022/03/p1.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:12:02 GMT
accept-ranges: bytes
content-length: 51368
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "c8a8-5dbeb57e55c80"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/a4.png
78.110.50.142 200 OK 75 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/a4.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 303 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 17af248ae536793c6a623d38363edfee
29bb5ac385a1cf9e65626c53a852cec5987ba990
22c1b2f2606ca0edacdd299cde6d62556e81e541171ae920d3486035f9dbf9ce
GET /wp-content/uploads/2022/03/a4.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:25 GMT
accept-ranges: bytes
content-length: 75164
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1259c-5dbeb521d4240"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/a2.png
78.110.50.142 200 OK 90 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/a2.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 303 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash b851afa43573d43bdab86fe7b3baa1ed
ef46ace93d16ee0f021a1db1c1ac64c9186f37ec
c271a5ddcccfdc6fcccbce78f61a6a3cbd78fea0224d70cacebb481cdf7a6c8a
GET /wp-content/uploads/2022/03/a2.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:17 GMT
accept-ranges: bytes
content-length: 90426
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1613a-5dbeb51a33040"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/a6.png
78.110.50.142 200 OK 93 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/a6.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 303 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e9a923f728386495f9799bcdde8e7ee
7d31fc3427ed903cb6ce93981be0c777587f9556
e605932fb4aa2b75c80cc3ba099828264bea695aa0992c5a4b0e0c78ddc7bb76
GET /wp-content/uploads/2022/03/a6.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:37 GMT
accept-ranges: bytes
content-length: 93022
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "16b5e-5dbeb52d45d40"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/a3.png
78.110.50.142 200 OK 96 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/a3.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 303 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ca66ca1807e1584a2f7a0e56808d704
4d24e95f2b50f0f7ecc39312ddf5263f5b14a29d
82b45384d03dbd94a98edb5d84bc2a9f24d69b0aaa64fc7447e1a0374f4e3048
GET /wp-content/uploads/2022/03/a3.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:10:20 GMT
accept-ranges: bytes
content-length: 96127
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1777f-5dbeb51d0f700"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/4.png
78.110.50.142 200 OK 161 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/4.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 464 x 412, 8-bit/color RGBA, non-interlaced\012- data
Size 161 kB (160815 bytes)
Hash f1b7502f46f3581235987e595053f40c
e192a3058e27fa4fbb1d84cbf8de212e385ff36c
00881b091b0b52b0b65278b10e2f3758d176ce75d1a07904750452ee1fc54839
GET /wp-content/uploads/2022/04/4.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:13:15 GMT
accept-ranges: bytes
content-length: 160815
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "2742f-5dbeb5c3f40c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/3.png
78.110.50.142 200 OK 134 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/3.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 462 x 336, 8-bit/color RGBA, non-interlaced\012- data
Size 134 kB (134188 bytes)
Hash 6007540dcf5ce55d6daa8c3530ff2221
b6be46423c7d9c46bc2c95cc4fd595ae0f6f180c
436591120e766ce8432d9035f06593f68443f0b01027005068e1760fb22c8ddd
GET /wp-content/uploads/2022/04/3.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:13:11 GMT
accept-ranges: bytes
content-length: 134188
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "20c2c-5dbeb5c0237c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/6.png
78.110.50.142 200 OK 176 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/6.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 480 x 448, 8-bit/color RGBA, non-interlaced\012- data
Size 176 kB (175715 bytes)
Hash 200b5aeada9ae7a5bc1314df57f7dd3e
ecc802f108ae32e7ed821345f3fd21c33eddec81
12d3217ddc98c49992b8c11ca707a0375b6ec861e1e422f6b118aa3bbd3a2e2a
GET /wp-content/uploads/2022/04/6.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:13:25 GMT
accept-ranges: bytes
content-length: 175715
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "2ae63-5dbeb5cd7d740"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/med.png
78.110.50.142 200 OK 275 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/med.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 1004 x 294, 8-bit/color RGBA, non-interlaced\012- data
Size 275 kB (274580 bytes)
Hash c2cccb824e89e610d011575bcee60d72
4adb7881995b7d8a94c245f1152568d96bb219b8
fc3985aa16b70ca699b2a081b0104f32b9dbbfbb472dcce534bcd9a17dfb8af4
GET /wp-content/uploads/2022/03/med.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:11:52 GMT
accept-ranges: bytes
content-length: 274580
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "43094-5dbeb574cc600"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/2.png
78.110.50.142 200 OK 198 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/2.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 480 x 532, 8-bit/color RGBA, non-interlaced\012- data
Size 198 kB (198289 bytes)
Hash ef40158bfbba576850969eaa1d961cf9
b32eabee9c01cccba059b0191acf10a5865d5a24
23882abcb8a3ddacbb7b4f51a270e0729e00a522e77d5b81215619c82d3fbbc3
GET /wp-content/uploads/2022/04/2.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:13:01 GMT
accept-ranges: bytes
content-length: 198289
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "30691-5dbeb5b69a140"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/5.png
78.110.50.142 200 OK 258 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/5.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 466 x 578, 8-bit/color RGBA, non-interlaced\012- data
Size 258 kB (257808 bytes)
Hash 5e60843cc85706c9e5fdc2983d7c6dfe
0cafec8e65508db6e3fae9aeb45f7813a19ce125
27444bc6a108c311470b99ef32f1ee2dcdf1ff290a07da5c4b21c28d5f4ba686
GET /wp-content/uploads/2022/04/5.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:13:22 GMT
accept-ranges: bytes
content-length: 257808
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "3ef10-5dbeb5caa1080"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/car1.png
78.110.50.142 200 OK 29 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/car1.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 601 x 262, 8-bit/color RGBA, non-interlaced\012- data
Hash da40cbea7d01a9be87e84fedbc7133d6
3a11cb462584f91daed5f4031f29fa4ff7d0d226
46eabe734828b7aa0d0c528f4d411ae57bd2777e4bc06ef3f3aaa2917cd25982
GET /wp-content/themes/auto/images/car1.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:05:49 GMT
accept-ranges: bytes
content-length: 28740
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "7044-5dbeb41a9d540"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/car2.png
78.110.50.142 200 OK 14 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/car2.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 810 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash bf977de75cf91ac439538ebdf8c2d896
fdc956dbbdce5a435564d1f295bd2933b8dde21f
257b2edda2f33b341e620bbac819ba16d91b1441bfe3cce7f49229bef2a94d08
GET /wp-content/themes/auto/images/car2.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:05:51 GMT
accept-ranges: bytes
content-length: 13940
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "3674-5dbeb41c859c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/dots1.png
78.110.50.142 200 OK 1.1 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/dots1.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 201 x 252, 8-bit/color RGBA, non-interlaced\012- data
Hash b8ac91ec8187fe88d1d99d84fc8bac55
a28ab4d885b0e62ab5c82a958565d1e3a0db9f9f
24370fa3145392ec8f82e2dc2d3e894ccaf54a87f8433abba86b35eaa5e801b7
GET /wp-content/themes/auto/images/dots1.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:06:08 GMT
accept-ranges: bytes
content-length: 1103
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "44f-5dbeb42cbc000"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/dot2.png
78.110.50.142 200 OK 4.7 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/dot2.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 341 x 186, 8-bit/color RGBA, non-interlaced\012- data
Hash 3bbbcbb1e647cfe0d9d3eb6e12655457
49445f437ddb6fabd4148ada952e6cf2e0df34a7
b6e0a08e14be27946b07a0f811459fea1d2bba1c066db4eb637794341810c7bf
GET /wp-content/themes/auto/images/dot2.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:06:07 GMT
accept-ranges: bytes
content-length: 4728
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1278-5dbeb42bc7dc0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/u2.png
78.110.50.142 200 OK 4.5 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/u2.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 228 x 228, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b86b589c0ec77eafe57e1b88a685738
5fc5aba1ef2f51bb43e8d1a8488838da51fadc24
bb5e12d1670c668a697bbd05811a8a4fb1feaee21c83c55d31020f2767015b6c
GET /wp-content/themes/auto/images/u2.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:09:18 GMT
accept-ranges: bytes
content-length: 4537
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "11b9-5dbeb4e1eeb80"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/u.png
78.110.50.142 200 OK 5.3 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/u.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 303 x 231, 8-bit/color RGBA, non-interlaced\012- data
Hash 0376a7e170598dc5c60d522fd193b7fb
98c03e81d0f31a22385e05497a2b22fd8df688c8
8a848de1e96a88e90932f5dddac44b4c3e3698c236b5e6d61bbcf0347902dbdf
GET /wp-content/themes/auto/images/u.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
last-modified: Tue, 05 Apr 2022 17:09:18 GMT
etag: "1493-5dbeb4e1eeb80"
accept-ranges: bytes
content-length: 5267
content-type: image/png
x-cache: MISS from hc2.hts.ru
x-cache-lookup: MISS from hc2.hts.ru:80
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.110.205 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.110.205:0
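Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these three values are the digests of a zero-length body (the response above is 0 B), so they match every empty response and should not be used as indicators for this host.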
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BerBBkeoVM5WOVr6M5yDnw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oAbd3uSLetcQgYZdrEjgIUIjwVs=
mai-avto.ru/wp-content/themes/auto/images/u3.png
78.110.50.142 200 OK 6.0 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/u3.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 275 x 361, 8-bit/color RGBA, non-interlaced\012- data
Hash b2cb2cca7984e7fe08f48f7d110336f9
b2934ae89c7f22c97cece21f0b5863d914344d42
c24233c3b254716beb2339ca528101f78caa2888740525c0603018fa20226bab
GET /wp-content/themes/auto/images/u3.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:09:19 GMT
accept-ranges: bytes
content-length: 5976
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1758-5dbeb4e2e2dc0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/s.jpg
78.110.50.142 200 OK 215 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/s.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1605x708, components 3\012- data
Size 215 kB (214754 bytes)
Hash 248e0f34ead0e25aa712e6aeadaa376a
efb8278262fd1b63307ec34f0f13c1b2d0f98b25
551967ca7d69010236f4c2917f0f56524b6f1e4e3a2452b17f4e6e1fdd767d56
GET /wp-content/themes/auto/images/s.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:08:26 GMT
accept-ranges: bytes
content-length: 214754
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "346e2-5dbeb4b057680"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/hand.png
78.110.50.142 200 OK 839 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/hand.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 1144 x 1194, 8-bit/color RGBA, non-interlaced\012- data
Size 839 kB (839179 bytes)
Hash 3dd794a3cbb8853e23e10230e57556c7
5adb08076c51956c3f2bc04579448d05b4dde299
08dce940cd1773fcfc6ecd8f49e440c8de7b2c94cfc02f1472023dab9c3f71ef
GET /wp-content/themes/auto/images/hand.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:06:53 GMT
accept-ranges: bytes
content-length: 839179
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "cce0b-5dbeb457a6540"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 05bb9af901ca5b651e88fcbe236711f5
18412da7fc2d868fc74bc3e7c44b4add4bbbdef9
9b87e90e4f5356da47fd562f7d06c8fbdef90d011e8c20e5687afbeaf6e7d29b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:54:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mai-avto.ru/wp-content/themes/auto/assets/fonts/SegoeUI-SemiBold.woff
78.110.50.142 200 OK 193 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/fonts/SegoeUI-SemiBold.woff
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type Web Open Font Format, TrueType, length 193196, version 5.0\012- data
Size 193 kB (193196 bytes)
Hash 1b14ce9a2a4021a0946936d2dc0344e9
c21ff58b1c841d301ff74e043c1c544161df5822
f22e117c99868f8f11d69f39768e5e7b83b262d6e7c8de85305bfdb3ca47b4c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/assets/fonts/SegoeUI-SemiBold.woff HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:17:19 GMT
accept-ranges: bytes
content-length: 193196
content-type: font/woff
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "2f2ac-5dbeb6aca65c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/assets/fonts/ProximaNova-Regular.woff
78.110.50.142 200 OK 52 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/fonts/ProximaNova-Regular.woff
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type Web Open Font Format, TrueType, length 52396, version 2.3\012- data
Hash 2d2ae2556b24a45ff8d5ed86b07b5783
0822c310a60c575dc88a74a53df20b46c8c97bd4
81c6d1a13227777d009f275f5ecb80bd6c780d2843b9b18fe2809ff9822a2066
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/assets/fonts/ProximaNova-Regular.woff HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:17:03 GMT
accept-ranges: bytes
content-length: 52396
content-type: font/woff
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "ccac-5dbeb69d641c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/car4.png
78.110.50.142 200 OK 33 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/car4.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 536 x 262, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ef3c61462452a23dc142112cb57f1f1
4495ef51ef7d416d70c15e0590fbf1e53e84f47d
e38da88173f07756ec27455941358423fe4b901cf257eb129d3b5f9fa1731999
GET /wp-content/themes/auto/images/car4.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:05:55 GMT
accept-ranges: bytes
content-length: 32792
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "8018-5dbeb420562c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/assets/fonts/ProximaNova-Bold.woff
78.110.50.142 200 OK 52 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/fonts/ProximaNova-Bold.woff
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type Web Open Font Format, TrueType, length 52068, version 2.3\012- data
Hash e2cf3dc2f079bf3d5185a02552f153c4
9e900ba7e0890a12a5697fc7ce86c058b145d215
99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/assets/fonts/ProximaNova-Bold.woff HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:16:57 GMT
accept-ranges: bytes
content-length: 52068
content-type: font/woff
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "cb64-5dbeb697ab440"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/assets/fonts/ProximaNova-Semibold.woff
78.110.50.142 200 OK 52 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/fonts/ProximaNova-Semibold.woff
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type Web Open Font Format, TrueType, length 51896, version 2.3\012- data
Hash 8feb512e78c18175c552af2be6ae2e02
f7d4773719a44cfd36674372bc8990b29ef4fd40
e3c22516771aea640173ca7a1a69e7cdb8039cfdc40d1885734be99ac5efa195
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/assets/fonts/ProximaNova-Semibold.woff HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:17:07 GMT
accept-ranges: bytes
content-length: 51896
content-type: font/woff
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "cab8-5dbeb6a134ac0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/3.png
78.110.50.142 200 OK 364 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/3.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 410 x 728, 8-bit/color RGBA, non-interlaced\012- data
Size 364 kB (363493 bytes)
Hash d87c427cde37002f1f2a1b7945657e4b
0432f49d5b7ba05e74ac4f9c3e75f884236a69ac
258ddbdfb707b1d9703eb6916878782e08774528ae46282e35c0e5ae409f5cd2
GET /wp-content/themes/auto/images/3.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:05:13 GMT
accept-ranges: bytes
content-length: 363493
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "58be5-5dbeb3f848440"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash a2d7f90e60ba7170bd25e2d3103cf901
a027a1ab69ce6264c1adbec776f4cca5be14b14e
dc26baab5a3af8b9da2ed3f2f03a0afb40665022727193c887b3eaddb9270051
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:54:25 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 15 Nov 2022 17:24:57 GMT
ETag: "a027a1ab69ce6264c1adbec776f4cca5be14b14e"
Last-Modified: Fri, 11 Nov 2022 17:24:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1170
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76893c81fcc40b65-OSL
mai-avto.ru/wp-content/themes/auto/images/ajax-loader.gif
78.110.50.142 200 OK 4.2 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/ajax-loader.gif
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type GIF image data, version 89a, 32 x 32\012- data
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
GET /wp-content/themes/auto/images/ajax-loader.gif HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/assets/css/libs.min.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:05:21 GMT
accept-ranges: bytes
content-length: 4178
content-type: image/gif
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1052-5dbeb3ffe9640"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/boy.png
78.110.50.142 200 OK 519 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/boy.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 564 x 719, 8-bit/color RGBA, non-interlaced\012- data
Size 519 kB (519186 bytes)
Hash a1c36c7ca0f10b70199ab5a1502e3ec7
da0e4cab6b35ca531d4d3f295ccdb2317304de58
8aacc31c949c93c21562e4d9190aaf90529c9f2babf361ba8fdce8ad38f2dec1
GET /wp-content/themes/auto/images/boy.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:06:05 GMT
accept-ranges: bytes
content-length: 519186
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "7ec12-5dbeb429df940"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/assets/fonts/SegoeUI.woff
78.110.50.142 200 OK 246 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/fonts/SegoeUI.woff
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type Web Open Font Format, TrueType, length 245844, version 5.5\012- data
Size 246 kB (245844 bytes)
Hash ee10411f11ca61338f5bcaebefbdf700
4c720d1b7f057aa38a9ac184bc209990778dc651
88c5bf1d6f30b660f9764bd76aa70cdefcb11207fdc77d0d0285d95a0bc135ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/assets/fonts/SegoeUI.woff HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:17:36 GMT
accept-ranges: bytes
content-length: 245844
content-type: font/woff
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "3c054-5dbeb6bcdcc00"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash ec5e114adf74cf4dea365cf11a3e4c86
c0bc5d928b6aa65619428697b8216ec609c124bd
e121a245faacf2d389baacac140e2c6296c1b7ee7b4162fcfc49f57e4374392c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:54:25 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 15 Nov 2022 17:18:16 GMT
ETag: "c0bc5d928b6aa65619428697b8216ec609c124bd"
Last-Modified: Fri, 11 Nov 2022 17:18:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1170
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76893c831dd30b65-OSL
mai-avto.ru/wp-content/themes/auto/assets/fonts/Montserrat-ExtraBold.woff
78.110.50.142 200 OK 139 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/assets/fonts/Montserrat-ExtraBold.woff
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type Web Open Font Format, TrueType, length 138740, version 0.0\012- data
Size 139 kB (138740 bytes)
Hash 28eef764f61e16cec1a528eaba86f491
d5994b1b5591eb004da1357297653cae4eb9b02a
5ba170e9a1187ca539fbb55c6ac8ab845546d6a93b502826037f8882bf0a8471
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/auto/assets/fonts/Montserrat-ExtraBold.woff HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:16:37 GMT
accept-ranges: bytes
content-length: 138740
content-type: font/woff
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "21df4-5dbeb68498740"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
yandex.ru/map-widget/v1/?um=constructor%3Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed&source=constructor
77.88.55.50 200 OK 25 kB URL HTTP/2 yandex.ru/map-widget/v1/?um=constructor%3Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed&source=constructor
IP 77.88.55.50:0
Hash 33207168a8cf561f2a8de7ddd18ddfcc
a97d8acbb06c308a69f8c6a9a7ad20983eaa0bf6
06eb7aba9af5e72498506f790719a8ca6d1cf52db334263b57e2ced2a6ca4aca
GET /map-widget/v1/?um=constructor%3Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed&source=constructor HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: default-src 'self';connect-src 'self' yastatic.net *.yandex.net *.yandex.ru *.yandex.com *.yandex-team.ru yandex.ru yandex.ua yandex.com.tr yandex.com yandex.kz yandex.uz mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yandexmetrica.com:*;frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net;img-src 'self' data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net *.yandex.net *.yandex.com *.yandex-team.ru mc.yandex.ru mc.yandex.az mc.yandex.ua mc.yandex.com.tr mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.uz mc.yandex.by mc.yandex.kz mc.yandex.kg mc.yandex.fr mc.yandex.tj mc.yandex.lv mc.yandex.lt mc.yandex.md mc.yandex.tm mc.yandex.ee yandex.ru yandex.ua yandex.com.tr yandex.com yandex.kz yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru;script-src 'self' 'unsafe-inline' 'unsafe-eval' yastatic.net *.yandex.net *.yandex.ru *.yandex.com *.yandex-team.ru https://*.yandex.net https://*.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.uz mc.webvisor.com mc.webvisor.org 'nonce-b6042175c6774da69b93bc4877853f58';child-src 'self' data: blob: mc.yandex.ru yandex.st *.yandex.net *.yandex.ru *.yandex.com *.yandex-team.ru https://*.yandex.net https://*.yandex.ru;style-src 'self' blob: 'unsafe-inline' yandex.st yastatic.net yastat.net;font-src data: yandex.st *.yandex.net *.yandex.ru *.yandex.com *.yandex-team.ru yastatic.net;media-src data: yastatic.net *.yandex.net *.yandex.ru yandex.st yastat.net;report-uri 
https://csp.yandex.net/csp?from=map-widget&project=maps&yandexuid=1781554261668192865
vary: Accept-Encoding
date: Fri, 11 Nov 2022 18:54:25 GMT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
set-cookie: yandexuid=1781554261668192865; Path=/; Domain=.yandex.ru; Expires=Sun, 10 Nov 2024 18:54:25 GMT; SameSite=None; Secure
is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Sun, 10 Nov 2024 18:54:25 GMT; SameSite=None; Secure
is_gdpr_b=CIyaHxDtlAEYAQ==; Path=/; Domain=.yandex.ru; Expires=Sun, 10 Nov 2024 18:54:25 GMT; SameSite=None; Secure
_yasc=hnWA2xHlcofTZq7C2N5g2Eg/HeonX6w2xBICnr4dbGQyya9Q9ZE1I9O/xKHd6Q==; domain=.yandex.ru; path=/; expires=Mon, 08-Nov-2032 18:54:25 GMT; secure
i=LcnuTuJrE82Xuj6IlzElqykAvJyDD19pxeOskHVwZd4RIhmpFRQqZkvRpCe5VXSeJEPETJTdkNj1l53l3ZLd7o4XN1w=; Expires=Sun, 10-Nov-2024 18:54:25 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
x-xss-protection: 1; mode=block
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, proxy-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/adamiya-2.jpg
78.110.50.142 200 OK 567 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/adamiya-2.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 824x1274, components 3\012- data
Size 567 kB (566845 bytes)
Hash 8e56dd36a92fd6bfa5db2c3ecea9dbe3
02577d355e739b2997834c467e548a6c0803ad87
1f6adab1a7f387ea0f1a4a2f84cf97a4c468df443813c93901b18d3a7baf59c7
GET /wp-content/uploads/2022/04/adamiya-2.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:14:04 GMT
accept-ranges: bytes
content-length: 566845
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "8a63d-5dbeb5f2aef00"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash ec5e114adf74cf4dea365cf11a3e4c86
c0bc5d928b6aa65619428697b8216ec609c124bd
e121a245faacf2d389baacac140e2c6296c1b7ee7b4162fcfc49f57e4374392c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:54:25 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 15 Nov 2022 17:18:16 GMT
ETag: "c0bc5d928b6aa65619428697b8216ec609c124bd"
Last-Modified: Fri, 11 Nov 2022 17:18:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1170
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76893c833df20b65-OSL
www.w3schools.com/html/mov_bbb.mp4
192.229.133.221 206 Partial Content 73 kB URL HTTP/2 www.w3schools.com/html/mov_bbb.mp4
IP 192.229.133.221:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Hash 140513d227a209c4d9e521f116536ff0
ae2c5fa9af0b8faf4d5f48ba89c4e9e05e2d54ac
a0af33ba22f76c9a1c1f35ae6e5b8ada40493d76d76a276979f65cbcba419d9e
GET /html/mov_bbb.mp4 HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
accept-ranges: bytes
age: 5956
cache-control: public,max-age=14400,public
content-range: bytes 0-788492/788493
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: video/mp4
date: Fri, 11 Nov 2022 18:54:25 GMT
etag: "04d627ecaf5d81:0"
last-modified: Fri, 11 Nov 2022 12:38:26 GMT
server: ECS (ska/F717)
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 788493
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/happy.png
78.110.50.142 200 OK 792 kB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/happy.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 1604 x 727, 8-bit/color RGBA, non-interlaced\012- data
Size 792 kB (792090 bytes)
Hash 408d65ac93d1fa731e61b03c5ab51e49
1bbf20351a7b274f19ffff39e0284375a423ecbd
4eec9152da899a72ea29ee8a37bf8b124a7ac128d04dfeeb53e96ab896aed6de
GET /wp-content/themes/auto/images/happy.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/wp-content/themes/auto/style.css?ver=6.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:07:12 GMT
accept-ranges: bytes
content-length: 792090
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "c161a-5dbeb469c5000"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/themes/auto/images/top.png
78.110.50.142 200 OK 1.4 MB URL HTTP/2 mai-avto.ru/wp-content/themes/auto/images/top.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 1582 x 946, 8-bit/color RGBA, non-interlaced\012- data
Size 1.4 MB (1441261 bytes)
Hash ce45971994cd08fa2996bac9fde88e0f
b0dbafd828ceffb31f8b89a85fc2130e3142e19e
034dc2e96fff86ccb681b5de7fc61ddca58a678cb82c10051e2e89687ea4570a
GET /wp-content/themes/auto/images/top.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:09:39 GMT
accept-ranges: bytes
content-length: 1441261
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "15fded-5dbeb4f5f5ac0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
yastatic.net/islands/_/SmqPmIMEXrW4lOY8QrhTUVDbrro.woff
178.154.131.216 200 OK 52 kB URL HTTP/2 yastatic.net/islands/_/SmqPmIMEXrW4lOY8QrhTUVDbrro.woff
IP 178.154.131.216:0
File type Web Open Font Format, TrueType, length 52450, version 0.0\012- data
Hash 61e3af7f9e6ea0118dc2f83766e0bf97
8b9246058f96a39f565a0ba9d10fbffcc47e56f7
01f4ab55e3641572504a216d3d65256e9ed926584dba9495ce5ac4566aafde78
GET /islands/_/SmqPmIMEXrW4lOY8QrhTUVDbrro.woff HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yandex.ru/
Origin: https://yandex.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:54:26 GMT
content-type: application/font-woff
content-length: 52454
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: "61e3af7f9e6ea0118dc2f83766e0bf97"
expires: Sun, 12 Nov 2023 00:42:00 GMT
last-modified: Tue, 22 Jan 2019 17:14:44 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: e7b41d89f2912b68
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/map-widget-base/a2f40b6c7e330ffba374.ru.js
178.154.131.216 200 OK 85 kB URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/map-widget-base/a2f40b6c7e330ffba374.ru.js
IP 178.154.131.216:0
File type Unicode text, UTF-8 text, with very long lines (65423), with no line terminators
Hash 7581def4ce5d81dde498ab2f536c4525
fc56df31a62470acfea7742f98682611235befe8
79f539bfdcd388e0a05145a6d3494495fdef4896ed822eb56d1af249c87b501c
GET /s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/map-widget-base/a2f40b6c7e330ffba374.ru.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:54:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"fa61f8c51fa0e7f1b99298f21092b7d5"
expires: Sun, 12 Nov 2023 00:39:55 GMT
last-modified: Wed, 09 Nov 2022 13:29:20 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 35aea916eb314cf1
X-Firefox-Spdy: h2
yastatic.net/islands/_/KtHQR1erf3spayoIM4M4ngg0e2E.woff
178.154.131.216 200 OK 52 kB URL HTTP/2 yastatic.net/islands/_/KtHQR1erf3spayoIM4M4ngg0e2E.woff
IP 178.154.131.216:0
File type Web Open Font Format, TrueType, length 52370, version 0.0\012- data
Hash cfd09dfc3c59dfc2d3eff503fa7abd5a
1cf56448e351dc8474ebdba1d27d348be7d31980
77159f239b3c8dc274d1143538081a4c7e8ce94882a1055713468ab0f2708021
GET /islands/_/KtHQR1erf3spayoIM4M4ngg0e2E.woff HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yandex.ru/
Origin: https://yandex.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:54:26 GMT
content-type: application/font-woff
content-length: 52374
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: "cfd09dfc3c59dfc2d3eff503fa7abd5a"
expires: Sun, 12 Nov 2023 00:41:24 GMT
last-modified: Tue, 22 Jan 2019 17:00:46 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: db7165919f1f102e
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:54:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mai-avto.ru/wp-content/uploads/2022/03/logo.png
78.110.50.142 200 OK 8.2 kB URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/logo.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
File type PNG image data, 128 x 124, 8-bit/color RGBA, non-interlaced\012- data
Hash 032b3e245f3b66582b362c8a6e76e4e6
c4f73d89bbd3cc8818e61ed91460336590a00ecf
e0719f7d2ec61e792c3c812193ec87a3675dcc4d3da1182c25b195ae4f2248d9
GET /wp-content/uploads/2022/03/logo.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:11:07 GMT
accept-ranges: bytes
content-length: 8152
content-type: image/png
date: Fri, 11 Nov 2022 18:56:14 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1fd8-5dbeb549e20c0"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/map-widget-app/ff1452c134c54fa9141e.ru.js
178.154.131.216 200 OK 121 kB URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/map-widget-app/ff1452c134c54fa9141e.ru.js
IP 178.154.131.216:0
File type Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size 121 kB (121191 bytes)
Hash 545531b5ab7737af6cfa5078f6e5a3a9
36a32611f88c16c1e15f8b32194c70072f485e9d
61a4b1b0cdfea493e20a04aaf02c6a44208d39d85c57cdf49f1aa721a678dbae
GET /s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/map-widget-app/ff1452c134c54fa9141e.ru.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:54:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"6a7efe24d6d73657bf0b04732dea1046"
expires: Sun, 12 Nov 2023 00:39:47 GMT
last-modified: Thu, 10 Nov 2022 08:30:12 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 7121b9d931538a00
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/p3.jpg
78.110.50.142 200 OK 938 B URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/p3.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
Hash 7ef0e1ddfd64e4d9797b95d0b2854ff7
2f33676574428b29cc77658fc76e8fafb7923f1e
85aa5bbb48f624ce3ba0b83a697563c0a07df9eb6d904edc5a0dc78961965b38
GET /wp-content/uploads/2022/03/p3.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:12:02 GMT
accept-ranges: bytes
content-length: 52270
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "cc2e-5dbeb57e55c80"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps/834827ee7334b019782f.css
178.154.131.216 200 OK 1.0 kB URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps/834827ee7334b019782f.css
IP 178.154.131.216:0
File type ASCII text, with very long lines (1742), with no line terminators
Hash f1b8c18ea30617302f9f16a380ad2d2b
c6227c922168fda2fde4304c7ceff6598be1289d
df8369495aafd97b7bd59477e5ed24f3478d619930b43c2ba2677532b53f3806
GET /s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps/834827ee7334b019782f.css HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:54:26 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"ac6402911b305129ac134d5bd2bdd37f"
expires: Sun, 12 Nov 2023 00:39:57 GMT
last-modified: Thu, 10 Nov 2022 08:30:12 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: de0f41e1c2247744
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag_turbo.js
87.250.251.119 200 OK 31 kB URL HTTP/2 mc.yandex.ru/metrika/tag_turbo.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (594)
Hash a6675b3ae6ef687c04952b8a005e5052
daefd3c0ec990ddbbce13d3b68e399392ab68cc5
5c04fcdf1ff2044fbdd59a5deca426766a58df4731f32846a1a880e375616882
GET /metrika/tag_turbo.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-length: 30758
date: Fri, 11 Nov 2022 18:54:26 GMT
access-control-allow-origin: *
etag: "63575841-7826"
expires: Fri, 11 Nov 2022 19:54:26 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.251.119 200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 6bb9990fc521832208f25ccf5261b719
be8acfb80dfc034d5cbd7dabb318ea8853762c10
677f03256dacdc519c12971fd422fe1afa0ecca3864f4e8f7aa0bed4eecd9c38
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73397
date: Fri, 11 Nov 2022 18:54:26 GMT
access-control-allow-origin: *
etag: "63575841-11eb5"
expires: Fri, 11 Nov 2022 19:54:26 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A949753364236%3Ahid%3A670474967%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A430617642%3Au%3A1668192866761302753%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C%2C%2C%2C807%3Ast%3A1668192866%3At%3Amap%20frame
87.250.251.119 302 Found 236 B URL HTTP/2 mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A949753364236%3Ahid%3A670474967%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A430617642%3Au%3A1668192866761302753%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C%2C%2C%2C807%3Ast%3A1668192866%3At%3Amap%20frame
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash dacc916547e8bfdc270e19c8f797e3b9
2cac40b4c9e8f4f6690f6efbbc3c59575d9cb20d
e98f095b151d294f3182d3438f6f6af4093d995c19f99cfe9d458dadda4b56b2
GET /watch/3?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A949753364236%3Ahid%3A670474967%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A430617642%3Au%3A1668192866761302753%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C%2C%2C%2C807%3Ast%3A1668192866%3At%3Amap%20frame HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A949753364236%3Ahid%3A670474967%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A430617642%3Au%3A1668192866761302753%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C%2C%2C%2C807%3Ast%3A1668192866%3At%3Amap%20frame
date: Fri, 11 Nov 2022 18:54:26 GMT
access-control-allow-origin: https://yandex.ru
set-cookie: yandexuid=6457237271668192866; Expires=Sat, 11-Nov-2023 18:54:26 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6457237271668192866; Expires=Sat, 11-Nov-2023 18:54:26 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=278855441668192866; Path=/; SameSite=None; Secure
i=e9CZ6yNOlsvIOT+Fy9Wb5CpkFZYbaVO1SlMlquILFK0RqcKdDMavPWVe3czc3UQkZevSKJNWGe6zfMp6EOf1+1vDf48=; Expires=Mon, 08-Nov-2032 18:54:25 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699728866.yrts.1668192866#1699728866.yrtsi.1668192866; Expires=Sat, 11-Nov-2023 18:54:26 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:54:26 GMT
last-modified: Fri, 11-Nov-2022 18:54:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:54:26 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Fri, 11 Nov 2022 19:54:26 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 541348
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps-vector/2b3de84d60d13776b2ee.ru.js
178.154.131.216 200 OK 16 kB URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps-vector/2b3de84d60d13776b2ee.ru.js
IP 178.154.131.216:0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps-vector/2b3de84d60d13776b2ee.ru.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:54:26 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"cac7a61fc3d41962a88758b805f918a0"
expires: Sun, 12 Nov 2023 00:43:33 GMT
last-modified: Thu, 10 Nov 2022 08:30:12 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: e0ed40874a3a4b58
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash f3e03b78f4b4deb54a4f188cf952efe3
6de6e096f33f991520ae0571115fc59c3daf4a2d
c1d9c345aa788b7226bdfe35f8f6ff87b4cd89944f991c5e344f0955a9b0c89d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:54:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 15 Nov 2022 15:29:58 GMT
ETag: "6de6e096f33f991520ae0571115fc59c3daf4a2d"
Last-Modified: Fri, 11 Nov 2022 15:29:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1408
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76893c8aed190b65-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash f3e03b78f4b4deb54a4f188cf952efe3
6de6e096f33f991520ae0571115fc59c3daf4a2d
c1d9c345aa788b7226bdfe35f8f6ff87b4cd89944f991c5e344f0955a9b0c89d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:54:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 15 Nov 2022 15:29:58 GMT
ETag: "6de6e096f33f991520ae0571115fc59c3daf4a2d"
Last-Modified: Fri, 11 Nov 2022 15:29:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1408
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76893c8afe96b506-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash f3e03b78f4b4deb54a4f188cf952efe3
6de6e096f33f991520ae0571115fc59c3daf4a2d
c1d9c345aa788b7226bdfe35f8f6ff87b4cd89944f991c5e344f0955a9b0c89d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:54:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 15 Nov 2022 15:29:58 GMT
ETag: "6de6e096f33f991520ae0571115fc59c3daf4a2d"
Last-Modified: Fri, 11 Nov 2022 15:29:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1408
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76893c8b0d270b65-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash f3e03b78f4b4deb54a4f188cf952efe3
6de6e096f33f991520ae0571115fc59c3daf4a2d
c1d9c345aa788b7226bdfe35f8f6ff87b4cd89944f991c5e344f0955a9b0c89d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:54:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 15 Nov 2022 15:29:58 GMT
ETag: "6de6e096f33f991520ae0571115fc59c3daf4a2d"
Last-Modified: Fri, 11 Nov 2022 15:29:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1408
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76893c8b0cb31c12-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5637
Expires: Fri, 11 Nov 2022 20:28:24 GMT
Date: Fri, 11 Nov 2022 18:54:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5637
Expires: Fri, 11 Nov 2022 20:28:24 GMT
Date: Fri, 11 Nov 2022 18:54:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5637
Expires: Fri, 11 Nov 2022 20:28:24 GMT
Date: Fri, 11 Nov 2022 18:54:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5637
Expires: Fri, 11 Nov 2022 20:28:24 GMT
Date: Fri, 11 Nov 2022 18:54:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e72f32944d6f03e005f7b6f3e87d8c72
5fe340bf33ac219f6a3d44810f31d0a8796c83a9
bcdcba30210d276996d0fe749bbfc69d666ae11ddfbfdb57307e4bb4d6e43d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10671
x-amzn-requestid: 1b6053eb-64ac-4c24-a750-c1b8cd69157f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJEh8GxPoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366b472-56c6a3bc07ec89ab56d4f3bd;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 19:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qJeWGvC4DM_d3k66OHN2V19elou-xoSNkep1BNalBO0NtKyQtAFzNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 04:30:53 GMT
age: 51814
etag: "5fe340bf33ac219f6a3d44810f31d0a8796c83a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5637
Expires: Fri, 11 Nov 2022 20:28:24 GMT
Date: Fri, 11 Nov 2022 18:54:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uHlIN1IVGCFUVl5lx5pFSux0YncseT2HQjiwFDL9eaEaBa9CdnCl8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 07:47:38 GMT
age: 40009
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13f7b6eea163326da8c58ae5c09efccd
e0d1ebb35a16c686eae3d31eb85ac72278459b05
13f2f428acb7806808d957a8167ab2c139a5d0f59798671465717f2b39b914a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8581
x-amzn-requestid: 385174fe-153f-448f-be5e-9ea3b5757ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u1EYOIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-6084a34f58df22037275e676;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xSnHWpFlXeyf08gYjPn02H88Hta9fhiDjDOukoKtt6PPVBl_gNTfgw==
via: 1.1 dfc972676b24a6d23251d4f298dfa08c.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
age: 76051
etag: "e0d1ebb35a16c686eae3d31eb85ac72278459b05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88c9931a009690991e73c5b37a1aa085
815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0
74e70391889e4b46742033b1d5daccfec415ba2ee999e429d1013fd4a1ebc61a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8294
x-amzn-requestid: 233f9724-1c36-426d-8299-1f6577a6e5e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4lmE60IAMF1Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e23-4b2763b42d8a57044dfa8144;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QaMTrn0ZUptFLGY0x7bytPsJZHnLvdpMnU0XGCBU2pkmiA4MO8DIUw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
etag: "815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0"
content-type: image/jpeg
age: 76051
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2473&y=1281&z=12&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 19 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2473&y=1281&z=12&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 96bf1b820d31d9bae9ba1f1c957118d6
5c0d4f343229fb6c470047a072a5cefcb1e6b3ce
0d81627b3bc9b3354a9145ba274f6223e6f5f2ffad5aa5e1d5ab7567c191a69a
GET /tiles?l=map&v=22.11.10-3-b221110101130&x=2473&y=1281&z=12&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 18747
date: Fri, 11 Nov 2022 18:54:27 GMT
access-control-allow-origin: *
set-cookie: _yasc=AOystpyjVUr5gi+8TJYg9h0EWJZf18p9oKvDaaB3UJYyJlVu1jpBFFvGOxI=; domain=.yandex.net; path=/; expires=Mon, 08-Nov-2032 18:54:27 GMT; secure
etag: "96bf1b820d31d9bae9ba1f1c957118d6"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2475&y=1281&z=12&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 14 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2475&y=1281&z=12&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 3426a95800922aaa9069d164ec5456b4
702d789789f11a09064b040b6e908b6c7c72196b
e243c986218431b021032c8cbd4f1de0ca9d55b34ff227c205870d6c548391f6
GET /tiles?l=map&v=22.11.10-3-b221110101130&x=2475&y=1281&z=12&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 13605
date: Fri, 11 Nov 2022 18:54:27 GMT
access-control-allow-origin: *
set-cookie: _yasc=xLj2GQyFqXCpJLdNN4zWf3FPkETJVxA+K5xNAwAp3vXutOY/huTOSNnwi0YH; domain=.yandex.net; path=/; expires=Mon, 08-Nov-2032 18:54:27 GMT; secure
etag: "3426a95800922aaa9069d164ec5456b4"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90a78b0f806c0c5ef5e7128cc37b2edf
7339ad7b4f37cc37cb712207a7b3a5ac9355d9dc
770a2247a0f8d6b44c61cecc8a11e9882e4dd39269e181eef52cf6816407022b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6696
x-amzn-requestid: 19f91da1-beeb-400a-b4c0-059851ca839f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ_F3doAMFr6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-2ef73e121ff2c3cf0e95b450;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: skH-uMPMGVOwM2RoMjuNh3YaYVIYhfytSdJ5-YFcH4GhUXyOKehfFA==
via: 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 04:30:07 GMT
age: 51860
etag: "7339ad7b4f37cc37cb712207a7b3a5ac9355d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f29164fb4dd64d9ce60566fbebd40f0a
96de8f2627e1103c5e6beb5d64cdbc09f97fce82
8eba6095edfed1ee1402c050727f81b8a9942625fd1c9cbb3bac4e51ee178577
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6517
x-amzn-requestid: 78eb1490-4afb-497e-9dbd-afd6ddf9cc48
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG23pFPLoAMFxcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d1ca-4c9caca164576bfe07c9c05c;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:00:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zllrXRZmtjHqA98lS_q0Wtx5TeEh2cEy3tr_eGkozM_jWxTIA5d60g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:48:34 GMT
age: 75953
etag: "96de8f2627e1103c5e6beb5d64cdbc09f97fce82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2473&y=1283&z=12&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 16 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2473&y=1283&z=12&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 71a9a7b150fa944a1cc6d8ce732cf991
6e381a3d9f25272c988058f5fff3fb4637a5288e
7c2c863e2bf7e299fb5b15857164a0ec9459178ed80c639dc0c3959a2de8ae3c
GET /tiles?l=map&v=22.11.10-3-b221110101130&x=2473&y=1283&z=12&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 16065
date: Fri, 11 Nov 2022 18:54:27 GMT
access-control-allow-origin: *
set-cookie: _yasc=UK471bucZaOyPlB7rV4Prf7jJ5p4ZyoJRI2PKCCnEMD+9GFYEP/6KT6FvXXq; domain=.yandex.net; path=/; expires=Mon, 08-Nov-2032 18:54:27 GMT; secure
etag: "71a9a7b150fa944a1cc6d8ce732cf991"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2474&y=1282&z=12&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 17 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2474&y=1282&z=12&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash ce7fb7a55fd6251951dd714dad7992c5
05cce0bfeb7fbeec8ccd9d262753021511fc3c87
2379e81b2af3129bf0e3c94ae2974e619fbc6cefbb6b06d3fe2ab1e308dccbc4
GET /tiles?l=map&v=22.11.10-3-b221110101130&x=2474&y=1282&z=12&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 16686
date: Fri, 11 Nov 2022 18:54:27 GMT
access-control-allow-origin: *
set-cookie: _yasc=VX2uVeL40BaCpq8c6yKw+HurzML0R2ahT19n2M6s7vdDLZ688UzXTMVOyM8K; domain=.yandex.net; path=/; expires=Mon, 08-Nov-2032 18:54:27 GMT; secure
etag: "ce7fb7a55fd6251951dd714dad7992c5"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/_/fd161c881e6392111418a1036fe1188e.svg
178.154.131.216 200 OK 18 kB URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/_/fd161c881e6392111418a1036fe1188e.svg
IP 178.154.131.216:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (476)
Hash 1b71de9ecf6962d5ca1bb57b99d8dd83
0d10e538f1e96eb16c5f986960ad2a0a9a8dc7f0
924aa7e68c24b65ffac474d958f66a75023b753e3d08f0967f5fa169e5f257a1
GET /s3/front-maps-static/maps-front-maps/_/fd161c881e6392111418a1036fe1188e.svg HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yandex.ru/
Origin: https://yandex.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:54:26 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"fd161c881e6392111418a1036fe1188e"
expires: Sun, 12 Nov 2023 00:40:19 GMT
last-modified: Fri, 03 Jul 2020 08:04:30 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 74a547c609107a62
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2475&y=1283&z=12&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 18 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2475&y=1283&z=12&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 5334a7d76afdc2fbe1dbb4cdf95add68
687a6d3be1d690817889b1302cc20bbeb6439307
78002ddd5995713050e7cdc5605e1e7d7005096ce8f868755460146d1e723766
GET /tiles?l=map&v=22.11.10-3-b221110101130&x=2475&y=1283&z=12&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 17553
date: Fri, 11 Nov 2022 18:54:27 GMT
access-control-allow-origin: *
set-cookie: _yasc=CYGbNsRzVGle8Fxq9mPEw3eqQ3lb/Ue1PD+0uK4tTr43Ce0MlKmicwoSbvs=; domain=.yandex.net; path=/; expires=Mon, 08-Nov-2032 18:54:27 GMT; secure
etag: "5334a7d76afdc2fbe1dbb4cdf95add68"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2474&y=1283&z=12&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 17 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2474&y=1283&z=12&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 53c89df0e74433ddb280bce8089b56ce
d15244fc65cda094ca25d452dc5d1b16ec5986aa
c49c01000298aa1e1ea19a100869c8ad52f62e47191b5753a4c539b5abdc189a
GET /tiles?l=map&v=22.11.10-3-b221110101130&x=2474&y=1283&z=12&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 16632
date: Fri, 11 Nov 2022 18:54:27 GMT
access-control-allow-origin: *
set-cookie: _yasc=cYl0GkSAkxWJGVKjqsBIyGhD4okk/MaGJ636ngJjdu5pY9rt+Vd9yd723M7L; domain=.yandex.net; path=/; expires=Mon, 08-Nov-2032 18:54:27 GMT; secure
etag: "53c89df0e74433ddb280bce8089b56ce"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2473&y=1282&z=12&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 18 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2473&y=1282&z=12&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 7dc1ef9e2529a25a2f93b1f18bcc9da2
8baca83f1ca79a4b26da15114b985006ea8051a2
fd2e4c2d598133c9c1b8efb229e7262200f3405f55bb0dde44cd7bfca8b6bb86
GET /tiles?l=map&v=22.11.10-3-b221110101130&x=2473&y=1282&z=12&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 17602
date: Fri, 11 Nov 2022 18:54:27 GMT
access-control-allow-origin: *
set-cookie: _yasc=D2Rqp/DJrYgAAMbynomrQpaehWKSFRuHg98YvFsU+H2H/vrRUVCEO1+rjNU=; domain=.yandex.net; path=/; expires=Mon, 08-Nov-2032 18:54:27 GMT; secure
etag: "7dc1ef9e2529a25a2f93b1f18bcc9da2"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2474&y=1281&z=12&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 16 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.11.10-3-b221110101130&x=2474&y=1281&z=12&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 1e9d9d67e6c838a22e52157419e18615
7810da50158645db3e6f1655c730204b6e9b7caf
b2d47ced429fbc16c98767d23158f5a7f294a15499ed10bcb23d30fb46b57b2c
GET /tiles?l=map&v=22.11.10-3-b221110101130&x=2474&y=1281&z=12&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 16207
date: Fri, 11 Nov 2022 18:54:27 GMT
access-control-allow-origin: *
set-cookie: _yasc=/WmPlfZFeLyx0PVOBFMLqB7g398mR834pv/PgAZ1/+9WBNMd86e0MJVa59S0; domain=.yandex.net; path=/; expires=Mon, 08-Nov-2032 18:54:27 GMT; secure
etag: "1e9d9d67e6c838a22e52157419e18615"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
mc.yandex.ru/watch/44120344?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185429%3Aet%3A1668192869%3Arn%3A978641206%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192869%3At%3Amap%20frame
87.250.251.119 302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/44120344?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185429%3Aet%3A1668192869%3Arn%3A978641206%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192869%3At%3Amap%20frame
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 919c1d31ff69eb0291fa6671148c6eb7
a6821c97312fd559d524b4bc04a3422f176e630d
98ab178ed66abfa4f1b9fcc7d310f7d116c9a12c97600f6a754a3a7309c0fb1f
GET /watch/44120344?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185429%3Aet%3A1668192869%3Arn%3A978641206%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192869%3At%3Amap%20frame HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
location: /watch/44120344/1?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185429%3Aet%3A1668192869%3Arn%3A978641206%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192869%3At%3Amap%20frame
date: Fri, 11 Nov 2022 18:54:29 GMT
access-control-allow-origin: https://yandex.ru
set-cookie: yandexuid=3818710921668192869; Expires=Sat, 11-Nov-2023 18:54:29 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3818710921668192869; Expires=Sat, 11-Nov-2023 18:54:29 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=550251981668192869; Path=/; SameSite=None; Secure
i=3zIxp8UsTJhYPjnx+ta6qESfFsY+P0ndq56VFdGu67iBImSJih+3teoIgXcqMuHthjSoO+bXhtWtPNF0qPfyizUlNqE=; Expires=Mon, 08-Nov-2032 18:54:24 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699728869.yrts.1668192869#1699728869.yrtsi.1668192869; Expires=Sat, 11-Nov-2023 18:54:29 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:54:29 GMT
last-modified: Fri, 11-Nov-2022 18:54:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/44120344/1?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A982547493%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C1428%2C1428%2C1%2C807%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192870%3At%3Amap%20frame
87.250.251.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/44120344/1?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A982547493%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C1428%2C1428%2C1%2C807%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192870%3At%3Amap%20frame
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/44120344/1?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A982547493%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C1428%2C1428%2C1%2C807%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192870%3At%3Amap%20frame HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Referer: https://yandex.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:54:30 GMT
access-control-allow-origin: https://yandex.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:54:30 GMT
last-modified: Fri, 11-Nov-2022 18:54:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/04/7.png
78.110.50.142 200 OK 0 B URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/04/7.png
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
GET /wp-content/uploads/2022/04/7.png HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:13:29 GMT
accept-ranges: bytes
content-length: 207618
content-type: image/png
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "32b02-5dbeb5d14e040"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
mai-avto.ru/wp-content/uploads/2022/03/ser.jpg
78.110.50.142 200 OK 0 B URL HTTP/2 mai-avto.ru/wp-content/uploads/2022/03/ser.jpg
IP 78.110.50.142:0
ASN #31240 Hosting Telesystems OOO
GET /wp-content/uploads/2022/03/ser.jpg HTTP/1.1
Host: mai-avto.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 17:12:05 GMT
accept-ranges: bytes
content-length: 126822
content-type: image/jpeg
date: Fri, 11 Nov 2022 18:56:13 GMT
server: Apache/2.4.37 () PHP/7.2.34
etag: "1ef66-5dbeb58132340"
age: 0
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
142.250.74.163 200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
IP 142.250.74.163:0
GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mai-avto.ru
Connection: keep-alive
Referer: https://mai-avto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 03:30:21 GMT
expires: Wed, 08 Nov 2023 03:30:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
content-type: text/javascript
age: 314645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps/834827ee7334b019782f.ru.js
178.154.131.216 200 OK 0 B URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps/834827ee7334b019782f.ru.js
IP 178.154.131.216:0
GET /s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps/834827ee7334b019782f.ru.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:54:26 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"98761d823f260e9ebbc18756865a1444"
expires: Sun, 12 Nov 2023 00:38:53 GMT
last-modified: Thu, 10 Nov 2022 08:30:12 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: a1dc683b8f866497
X-Firefox-Spdy: h2
mc.yandex.ru/watch/44120344?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A982547493%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C1428%2C1428%2C1%2C807%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192870%3At%3Amap%20frame
87.250.251.119 302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/44120344?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A982547493%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C1428%2C1428%2C1%2C807%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192870%3At%3Amap%20frame
IP 87.250.251.119:0
GET /watch/44120344?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A982547493%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C1428%2C1428%2C1%2C807%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192870%3At%3Amap%20frame HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
location: /watch/44120344/1?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Fum%3Dconstructor%253Aaab3255fe1965e7856d1edf573ad8cc4954d40513f5511174960c7f1e97959ed%26source%3Dconstructor&page-ref=https%3A%2F%2Fmai-avto.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A6%3Avf%3Adufjglajcyrdo5482bies%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1056862740678%3Ahid%3A670474967%3Aphid%3A310907973%3Az%3A0%3Ai%3A20221111185426%3Aet%3A1668192866%3Arn%3A982547493%3Au%3A166819286622995025%3Aw%3A565x400%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C73%2C0%2C1428%2C1428%2C1%2C807%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668192870%3At%3Amap%20frame
date: Fri, 11 Nov 2022 18:54:29 GMT
access-control-allow-origin: https://yandex.ru
set-cookie: yandexuid=1856221411668192869; Expires=Sat, 11-Nov-2023 18:54:29 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1856221411668192869; Expires=Sat, 11-Nov-2023 18:54:29 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1518629271668192869; Path=/; SameSite=None; Secure
i=Lqseik3/YX7YSktxd6v4+X2qwrSRXklyigwbVEWREfijJ0Z75Sc4YtheJh9nLqGawSi/hP6BOfrXHKm0HsxnnwRJZn8=; Expires=Mon, 08-Nov-2032 18:54:26 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699728869.yrts.1668192869#1699728869.yrtsi.1668192869; Expires=Sat, 11-Nov-2023 18:54:29 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:54:29 GMT
last-modified: Fri, 11-Nov-2022 18:54:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/static/v32/icons/core/logo-24.svg
178.154.131.216 200 OK 0 B URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/static/v32/icons/core/logo-24.svg
IP 178.154.131.216:0
GET /s3/front-maps-static/maps-front-maps/static/v32/icons/core/logo-24.svg HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yandex.ru/
Origin: https://yandex.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:54:26 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"dfa85f8fef0925f34b0b5d39ad8ff1d3"
expires: Sun, 12 Nov 2023 00:40:58 GMT
last-modified: Mon, 10 Oct 2022 07:37:24 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 6fdb0b20c95954ce
X-Firefox-Spdy: h2