marsian.at.ua/news/1-0-9
193.109.246.72 301 Moved Permanently 178 B IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
GET /news/1-0-9 HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 31 Jan 2023 11:58:36 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://marsian.at.ua/news/1-0-9
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11842
Expires: Tue, 31 Jan 2023 15:15:57 GMT
Date: Tue, 31 Jan 2023 11:58:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13550
Expires: Tue, 31 Jan 2023 15:44:25 GMT
Date: Tue, 31 Jan 2023 11:58:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 11:43:17 GMT
content-type: application/json
age: 918
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8841
Expires: Tue, 31 Jan 2023 14:25:56 GMT
Date: Tue, 31 Jan 2023 11:58:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: G1AEtp2k41OYIxtu8yWKkrOoRfSpsqtuMerMJE4IXmLK6VWsfeIme9AADThB7cNSHoYxZc7dBtY=
x-amz-request-id: 8CDNEAHH9SHJW7PW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 11:51:09 GMT
age: 446
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 11:58:35 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
marsian.at.ua/news/1-0-9
193.109.246.72 200 OK 14 kB IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3992)
Hash MD5 1f52e5859a1ffd71b6741cebb4e95b16
SHA-1 d192c1f72713060184c821fa487d00004c8ebaa5
SHA-256 7d855aab629877ea1cdd222b50852c23731b2195e3d969fc2f2177d480940918
Analyzer Verdict Alert fortinet Phishing
GET /news/1-0-9 HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 2marsianuCoz=; path=/; expires=Sun, 31-Jan-2021 11:58:37 GMT; Secure; HttpOnly; domain=.marsian.at.ua
2marsianuCoz=; path=/; expires=Sun, 31-Jan-2021 11:58:37 GMT; Secure; HttpOnly; domain=.marsian.at.ua
ucvid=sWfl42leGs; path=/; expires=Wed, 31-Jan-2024 11:58:37 GMT
2marsianpushi=1; path=/; expires=Wed, 01-Feb-2023 10:58:37 GMT; Secure
Pragma: no-cache
Vary: host
Last-Modified: Tue, 31 Jan 2023 11:58:32 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
marsian.at.ua/?1E1daPRgfDVt45H%21lRtjhvQaLZExfXnd8Zc0KjrT9TwiNZmRaRX%3B8FNd%5EzOtgD%5EC3rA%216w64IrmDH5caKB%5EIv8%21Th4mp%5EjgzpP02sI5iSViDCA2P3KQnsXiIGF%3Be%5EmUPH4nugB36N%3By1m7pGYaBnRvrsObgQsuLMqCFW7H5LmA5UlCl6y0iFlkh268CvkFvA3Hp2K9bz%21A4aYzjvuTtPs%3Boo
193.109.246.72 200 OK 1.2 kB URL HTTP/1.1 marsian.at.ua/?1E1daPRgfDVt45H%21lRtjhvQaLZExfXnd8Zc0KjrT9TwiNZmRaRX%3B8FNd%5EzOtgD%5EC3rA%216w64IrmDH5caKB%5EIv8%21Th4mp%5EjgzpP02sI5iSViDCA2P3KQnsXiIGF%3Be%5EmUPH4nugB36N%3By1m7pGYaBnRvrsObgQsuLMqCFW7H5LmA5UlCl6y0iFlkh268CvkFvA3Hp2K9bz%21A4aYzjvuTtPs%3Boo
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
Hash a5a94ea282c01109e37affe544b377c4
e33d20c975e0d4afe60cdca36c0d20b689fec8e5
fdc17f922f9c651d135798e0a4ac47ed7d4eb3d4ba1cf3453ea06c4023653c83
GET /?1E1daPRgfDVt45H%21lRtjhvQaLZExfXnd8Zc0KjrT9TwiNZmRaRX%3B8FNd%5EzOtgD%5EC3rA%216w64IrmDH5caKB%5EIv8%21Th4mp%5EjgzpP02sI5iSViDCA2P3KQnsXiIGF%3Be%5EmUPH4nugB36N%3By1m7pGYaBnRvrsObgQsuLMqCFW7H5LmA5UlCl6y0iFlkh268CvkFvA3Hp2K9bz%21A4aYzjvuTtPs%3Boo HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:36 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 11:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
216.58.207.228 200 OK 581 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP 216.58.207.228:0
File type ASCII text, with very long lines (905), with no line terminators
Hash 7988b7a7f2a00a8739c2975ff8e9ef67
8277ed8f6dad2ec9d2d8e71a3e891a8dde962ed9
3e07b94248ab51f998f57ddfe31d269b75a27a6d6826ab7a65d453ba71de4c21
GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 31 Jan 2023 11:58:36 GMT
date: Tue, 31 Jan 2023 11:58:36 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marsian.at.ua/.s/src/base.min.css
193.109.246.72 200 OK 6.2 kB URL HTTP/1.1 marsian.at.ua/.s/src/base.min.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (24508), with no line terminators
Hash dd4ba2903316d6db69f617daf90784ce
8e6507274d9d719658129b3dd24af66d7fc6e4b3
6dd14bcbcbc05d7af92a78316a37519526eec0e21ad651d7a92d2ed5065ea90f
GET /.s/src/base.min.css HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:36 GMT
Content-Type: text/css
Last-Modified: Fri, 09 Dec 2022 12:35:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"63932b98-5fbc"
Expires: Mon, 20 Feb 2023 11:58:36 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
marsian.at.ua/.s/src/css/451.css
193.109.246.72 200 OK 3.6 kB URL HTTP/1.1 marsian.at.ua/.s/src/css/451.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
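File type assembler source, ASCII text (a content-heuristic guess by the file-type detector; the response for this .css URL is served as Content-Type: text/css, so the "assembler source" label is most likely a misidentification of CSS rather than a sign of an unexpected payload)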
Hash d2eb56973a304b80aa2399e0a79a081f
f7c071eb1bb8f5eae0f154e5cb00eee178301d00
925f02aa277efc2be98eb093e74446fe5222e2ee130492c9362a3b33e3d34767
GET /.s/src/css/451.css HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:36 GMT
Content-Type: text/css
Last-Modified: Thu, 01 Sep 2022 17:44:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef6e-3f07"
Expires: Mon, 20 Feb 2023 11:58:36 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
marsian.at.ua/.s/src/layer6.min.css
193.109.246.72 200 OK 5.4 kB URL HTTP/1.1 marsian.at.ua/.s/src/layer6.min.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (22086), with no line terminators
Hash 1a5633ea54dc524374d577ffa78f2434
2327d43aeea34b6960670acef426bd7c7a596fce
36641fa5ba93c6a6d19925faf772aa7d93f30cd07c159929d24038f374cec22c
GET /.s/src/layer6.min.css HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:36 GMT
Content-Type: text/css
Last-Modified: Fri, 09 Dec 2022 12:35:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"63932b98-5646"
Expires: Mon, 20 Feb 2023 11:58:36 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
marsian.at.ua/?adSS106VQkxXIdr%2164hVSvcIM8wXuh8UIyyVCENPCLJRgaa%5ECtxNlOevr9q0cTsdW%3Bc6vstSPZSWkLBk%5E3HaPtjyis1CGCDU76ie9hlGhwgIi%21mLkS2rBQctHKHzKWRRMHvBgT1EjUHSseAiWrUAdwsr%3BDx9jyaCJG6Ql3SGHFM7BDJxIlU%5EahYnanQHKzR%3BysrJp1nnl215MTx76cwVFgoo
193.109.246.72 200 OK 811 B URL HTTP/1.1 marsian.at.ua/?adSS106VQkxXIdr%2164hVSvcIM8wXuh8UIyyVCENPCLJRgaa%5ECtxNlOevr9q0cTsdW%3Bc6vstSPZSWkLBk%5E3HaPtjyis1CGCDU76ie9hlGhwgIi%21mLkS2rBQctHKHzKWRRMHvBgT1EjUHSseAiWrUAdwsr%3BDx9jyaCJG6Ql3SGHFM7BDJxIlU%5EahYnanQHKzR%3BysrJp1nnl215MTx76cwVFgoo
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
Hash 4a33e7cd7558f3f5a86d0fc27aee8c90
50fc0ad44d3917690997ca278091e53d0d575362
d6304d22c2821d367e3697cb9fa4e6dbeb093b8634fccd35312664d30d72b330
GET /?adSS106VQkxXIdr%2164hVSvcIM8wXuh8UIyyVCENPCLJRgaa%5ECtxNlOevr9q0cTsdW%3Bc6vstSPZSWkLBk%5E3HaPtjyis1CGCDU76ie9hlGhwgIi%21mLkS2rBQctHKHzKWRRMHvBgT1EjUHSseAiWrUAdwsr%3BDx9jyaCJG6Ql3SGHFM7BDJxIlU%5EahYnanQHKzR%3BysrJp1nnl215MTx76cwVFgoo HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
marsian.at.ua/.s/src/ulightbox/ulightbox.min.css
193.109.246.72 200 OK 1.4 kB URL HTTP/1.1 marsian.at.ua/.s/src/ulightbox/ulightbox.min.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (4552), with no line terminators
Hash 9c03edbcbefe3eea8902981444de96f7
ca39997a1765ab084fb7e6740858176b9385c4ca
8487aa6ee4bd261bdf1f5b681cf96d347cd980ed45183c5a2a9571db6c891a08
GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12128
Expires: Tue, 31 Jan 2023 15:20:44 GMT
Date: Tue, 31 Jan 2023 11:58:36 GMT
Connection: keep-alive
marsian.at.ua/.s/src/social.css
193.109.246.72 200 OK 610 B URL HTTP/1.1 marsian.at.ua/.s/src/social.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (442)
Hash af855dcd18719bcf0da15a9029755af1
d74d0ed8d96f2ebe46a7671564bf80eea6865103
9add1a323772a7c09260b63a21732472cb0204105c1d2bee763ea1429f0e26e9
GET /.s/src/social.css HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: text/css
Last-Modified: Wed, 01 Dec 2021 11:13:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"61a758f3-9b8"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
marsian.at.ua/.s/src/ulightbox/ulightbox.min.js
193.109.246.72 200 OK 7.6 kB URL HTTP/1.1 marsian.at.ua/.s/src/ulightbox/ulightbox.min.js
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (22291), with no line terminators
Hash 3bb3aaa5262067cec461b32298975b05
4e11bfe49cd05fcdbd1e692fc87788da07e62161
61fa91bb508bfda7ee487ffaf0e38aa71cfab1ce78bb108d6c6140dc9b35ab22
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: text/javascript
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-5713"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
marsian.at.ua/swfobject.js
193.109.246.72 200 OK 3.9 kB URL HTTP/1.1 marsian.at.ua/swfobject.js
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type HTML document, ASCII text, with very long lines (9516)
Hash 60192b7e0b4cd0893f2c7270368ac3e4
85de6a7caeac993a7e7e13becbd2f58502a117b1
b41e20fd694eb168b9e50b3866a4cc83101770389c6fd7ad4221235320b48020
Analyzer Verdict Alert fortinet Phishing
GET /swfobject.js HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: text/javascript
Last-Modified: Wed, 26 Aug 2009 11:41:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4a951f59-261f"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
marsian.at.ua/.s/src/uwnd.min.js
193.109.246.72 200 OK 57 kB URL HTTP/1.1 marsian.at.ua/.s/src/uwnd.min.js
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20adfead3a54ad11599adb1bab3d6fc6
23bb516448d5c643cb186ad9aec426388aa79dfd
b49b11429b509cf608a66bbcebc13cf63fa444b998c1a678d1bebfe33f7c2ff4
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/uwnd.min.js HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:36 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Mon, 20 Feb 2023 11:58:36 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 11:58:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s72.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.074552342456311
193.109.246.72 200 OK 0 B URL HTTP/1.1 s72.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.074552342456311
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
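Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of a zero-length input, consistent with the 0 B body recorded for this response. They match every empty response and should not be used as indicators.)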
GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.074552342456311 HTTP/1.1
Host: s72.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 11:49:04 GMT
age: 572
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
marsian.at.ua/.s/t/451/24.gif
193.109.246.72 200 OK 142 B URL HTTP/1.1 marsian.at.ua/.s/t/451/24.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 12\012- data
Hash 75ede12468b84f2f89adfa42455e2a5f
b0ab4b7c24cd43d953a64f0947ce4af003eebecb
0ea990486fda93161290929e7d9c595489a02de7320eb829bc74cc9b31165771
GET /.s/t/451/24.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 142
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-8e"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/14.gif
193.109.246.72 200 OK 141 B URL HTTP/1.1 marsian.at.ua/.s/t/451/14.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 12\012- data
Hash baf3745fe76df81ff61a4c8bc8d89137
0a87797a8b216540a5c38e2486167187dcb0a2bb
aba47c90a1d2e2bd6806ca3dc5a19a74280e734f2ab0e5270fa005d442e00109
GET /.s/t/451/14.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 141
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-8d"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/2.gif
193.109.246.72 200 OK 56 B URL HTTP/1.1 marsian.at.ua/.s/t/451/2.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 10 x 10\012- data
Hash c4f70dd1bcca46a0ac9c78414dfeb5e0
7df0d4f5df3dac9fa4b32c78d07fdb22f8624d87
34e358d1fca39c8cfb70ca3692b4f03c6672ef359c22b490599cee77971eb5cb
GET /.s/t/451/2.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 56
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-38"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/17.gif
193.109.246.72 200 OK 142 B URL HTTP/1.1 marsian.at.ua/.s/t/451/17.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 12\012- data
Hash 789c88b1b98fb973c932bb2fc5aa6935
9f7bf893cf37e58f4fb08ef6dcca3069809b7aec
2427e86f42e81862964449e3f5057aa9e922a5d1bb58e8dadb4a4a16a6d38b16
GET /.s/t/451/17.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 142
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-8e"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/19.gif
193.109.246.72 200 OK 543 B URL HTTP/1.1 marsian.at.ua/.s/t/451/19.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 60\012- data
Hash 74c41ee0309ad04519b10773473df952
710a4594beccb878fff4f4718c7835789a31db50
dd8b9a34ef8f1c2b7981da422da0b8c896712f450a7c7bb6eeecf53dd3cbb81d
GET /.s/t/451/19.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 543
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-21f"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
fotky.com.ua/files/31790_1hu0b.jpg
188.114.96.1 301 Moved Permanently 0 B URL HTTP/1.1 fotky.com.ua/files/31790_1hu0b.jpg
IP 188.114.96.1:0
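Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty body, consistent with the 0 B response; these digests match any empty file and are not usable as indicators for this URL.)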
GET /files/31790_1hu0b.jpg HTTP/1.1
Host: fotky.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 11:58:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 31 Jan 2023 12:58:36 GMT
Location: https://fotky.com.ua/files/31790_1hu0b.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBP%2Bxtg7Z7fCzniptIQAI6bAbc3sUL9QWacPnjwZi0VWq6iCEPPeWz6PlCZuo6Whz3Rcw44mu1Dp1ZyTt8V7mboBTfLpv758mQsjmbDQYTS9q2Amgw93iCwuO1g%2BhTI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792246c53a6fb523-OSL
alt-svc: h2=":443"; ma=60
marsian.at.ua/.s/t/451/22.gif
193.109.246.72 200 OK 543 B URL HTTP/1.1 marsian.at.ua/.s/t/451/22.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 60\012- data
Hash 8c0b535ba8771885747349f38fa67f52
cad6d922df4cdfddfb6a6ea85ed650bd746635e6
c267f0bc0d40d25c483ac66c8660602f9b93ce885d081f3c8a6cf200cb7b2f68
GET /.s/t/451/22.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 543
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-21f"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/23.gif
193.109.246.72 200 OK 544 B URL HTTP/1.1 marsian.at.ua/.s/t/451/23.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 60\012- data
Hash f297c4d164ac6fa7dc322883e2032521
c700b43a3375dc52b2a36309c7d70f56fef616d6
52091f89d22645191589eb91c7950c19de6b3ec2e062eda3a7e01d075bd865ce
GET /.s/t/451/23.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 544
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-220"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
popcorm.at.ua/mini_profil/mail1.gif
193.109.247.16 404 Not Found 2.7 kB URL HTTP/1.1 popcorm.at.ua/mini_profil/mail1.gif
IP 193.109.247.16:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
GET /mini_profil/mail1.gif HTTP/1.1
Host: popcorm.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.8.0
Date: Tue, 31 Jan 2023 11:58:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
popcorm.at.ua/mini_profil/no_avatar.jpeg
193.109.247.16 404 Not Found 2.7 kB URL HTTP/1.1 popcorm.at.ua/mini_profil/no_avatar.jpeg
IP 193.109.247.16:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
GET /mini_profil/no_avatar.jpeg HTTP/1.1
Host: popcorm.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.8.0
Date: Tue, 31 Jan 2023 11:58:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
nashe-ridne.at.ua/film2/Law_Abiding_Citizen_2009.jpg
195.216.243.234 301 Moved Permanently 178 B URL HTTP/1.1 nashe-ridne.at.ua/film2/Law_Abiding_Citizen_2009.jpg
IP 195.216.243.234:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /film2/Law_Abiding_Citizen_2009.jpg HTTP/1.1
Host: nashe-ridne.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 31 Jan 2023 11:58:34 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://nashe-ridne.at.ua/film2/Law_Abiding_Citizen_2009.jpg
X-Frame-Options: SAMEORIGIN
marsian.at.ua/.s/t/451/7.gif
193.109.246.72 200 OK 153 B URL HTTP/1.1 marsian.at.ua/.s/t/451/7.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 4 x 240\012- data
Hash eff7f26e942c7b554db8837da4880c31
b40ee31f10e8a96de373a9e7b7c206d582a44e58
f4a3f917995366a959a8897926d2920d1d45d1ae8508dcc222c5f5511869262e
GET /.s/t/451/7.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 153
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-99"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
proc.com.ua/uploads/posts/2010-01/1263348702_788510.jpg
185.53.177.53 400 Bad Request 20 B URL HTTP/1.1 proc.com.ua/uploads/posts/2010-01/1263348702_788510.jpg
IP 185.53.177.53:0
ASN #61969 Team Internet AG
File type ASCII text, with no line terminators
Hash 64b3d0bcb16e406cdd665ec49fefb7f1
8da5d8ac9123e50bbd4293b111f6f640f864256b
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5
GET /uploads/posts/2010-01/1263348702_788510.jpg HTTP/1.1
Host: proc.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 400 Bad Request
Server: nginx
Date: Tue, 31 Jan 2023 11:58:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Blocked: 11015.10
marsian.at.ua/mchat/
193.109.246.72 200 OK 6.8 kB IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 9ebccf60adb2f8e123457802b4761f3f
43b35b43c75252727629b29d69a21444adb3fac3
87603c4d174d9f37360d1118540ce558148ea3b900e52f5f4696b12fc5374265
Analyzer Verdict Alert fortinet Phishing
GET /mchat/ HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 2marsianuCoz=; path=/; expires=Sun, 31-Jan-2021 11:58:37 GMT; Secure; HttpOnly; domain=.marsian.at.ua
Pragma: no-cache
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
push.services.mozilla.com/
50.112.247.170 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 50.112.247.170:0
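Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty body, consistent with the 0 B response; these digests match any empty file and are not usable as indicators for this URL.)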
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FauvjuWeZ1XYGj8AAx53Pw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0yGkEoGFRHJb0XBHhIKoYq4jYxc=
marsian.at.ua/.s/img/fr/mcr.gif
193.109.246.72 200 OK 348 B URL HTTP/1.1 marsian.at.ua/.s/img/fr/mcr.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 13 x 15\012- data
Hash c7c13b5cc1fd1f2003801cc36fb9668c
e491ea081d73cefca91571475b7f3de403b08145
b1532fbb9c546fdee5b45583c446f24f089035298f95f4ad2ac166d5f1eb8a2e
GET /.s/img/fr/mcr.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 348
Last-Modified: Mon, 21 Nov 2022 12:38:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7151-15c"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/1.gif
193.109.246.72 200 OK 47 B URL HTTP/1.1 marsian.at.ua/.s/t/451/1.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash 69552946497a4ca469e1c7a5b8ae9b16
8a12a97982029aaa4873f5b9cfb2fbc6a013537f
8861e457a0ea1e5f5dabbdf4ee4d5770f1995bb5bfadde2635961ce2c2eb50bf
GET /.s/t/451/1.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 47
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-2f"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/21.gif
193.109.246.72 200 OK 544 B URL HTTP/1.1 marsian.at.ua/.s/t/451/21.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 60\012- data
Hash 15cdaa06259512d091126cbd9de091b9
cd8c4c362fc580d10fef1d7baf32050bf127360a
ec4d1d7e0edd35f34d98533eb7027f4bfab35482e4de193604da84ef6461dcde
GET /.s/t/451/21.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 544
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-220"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/img/wd/1/ar1.gif
193.109.246.72 200 OK 49 B URL HTTP/1.1 marsian.at.ua/.s/img/wd/1/ar1.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 4 x 7\012- data
Hash 4ed1ae998f20cab9a52ec899590999bb
5d5cde2a289304840005fbfb0f2825837e35c731
68c66290ff9cfdc3863623a3533b742ad62ce6045395a8460d7ca8a8a9d2ee8c
GET /.s/img/wd/1/ar1.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/.s/src/css/451.css
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 49
Last-Modified: Mon, 21 Nov 2022 12:38:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b715b-31"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/16.gif
193.109.246.72 200 OK 418 B URL HTTP/1.1 marsian.at.ua/.s/t/451/16.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 35 x 12\012- data
Hash a36c7e9287a49ff19fa06da6fd3578ea
c6529276887209cd863ccf1e62d33e98675291d3
a3ce0106bb97d99f40f065fe47b0cc1c596c91132245c757bf11f1c12fc2ca71
GET /.s/t/451/16.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 418
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-1a2"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/src/uwnd.min.js?2
193.109.246.72 200 OK 57 kB URL HTTP/1.1 marsian.at.ua/.s/src/uwnd.min.js?2
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20adfead3a54ad11599adb1bab3d6fc6
23bb516448d5c643cb186ad9aec426388aa79dfd
b49b11429b509cf608a66bbcebc13cf63fa444b998c1a678d1bebfe33f7c2ff4
GET /.s/src/uwnd.min.js?2 HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/mchat/
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
marsian.at.ua/.s/t/451/8.jpg
193.109.246.72 200 OK 28 kB URL HTTP/1.1 marsian.at.ua/.s/t/451/8.jpg
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 560x240, components 3\012- data
Hash 2805d7268dcea36f428fd470da658325
bc402c8318eff0ed9b2be4f00bb96bd8efa99e45
f70aa146086fd33ca5f0603fa549d481dbddb998a375a14fc8d6e7dd3e15c7cd
GET /.s/t/451/8.jpg HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/jpeg
Content-Length: 27884
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-6cec"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/img/sh/wait.gif
193.109.246.72 200 OK 265 B URL HTTP/1.1 marsian.at.ua/.s/img/sh/wait.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 32 x 8\012- data
Hash c44da6bb38458d2c57e23104c53d8e05
5e9352aa3d0b522fff659c48299d1b3006c78f47
163da6b91f78ccad8c824ef31e5dbd2a89fb8d93f2381d43faa96acf502ca3e8
GET /.s/img/sh/wait.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/.s/src/base.min.css
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 265
Last-Modified: Wed, 30 Nov 2022 17:03:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "63878ccf-109"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/31.gif
193.109.246.72 200 OK 291 B URL HTTP/1.1 marsian.at.ua/.s/t/451/31.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 15 x 15\012- data
Hash 8b84c8b14f12234b1f27d5539a2cfd2a
09602734370a40861ed28a4305a38334331d2e5f
530218b3cedb3cf0b63d7f1db2a450e055657783d1cac16c941d74692177f82d
GET /.s/t/451/31.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/.s/src/css/451.css
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 291
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-123"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/15.gif
193.109.246.72 200 OK 98 B URL HTTP/1.1 marsian.at.ua/.s/t/451/15.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 2 x 12\012- data
Hash f51a4fb5e919ba6cec3a025c03abaef9
02ed02c2331c18e2584317ae66dfe2a46cacdefd
0846ba472d821ab47c02eff4d008b40050d956bd5b7242b08218e9df6faa13f0
GET /.s/t/451/15.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 98
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-62"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/18.gif
193.109.246.72 200 OK 52 B URL HTTP/1.1 marsian.at.ua/.s/t/451/18.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 1\012- data
Hash 3f257593b7d46ed3b31508760be08f25
05cc6833b46bae6a52e180269caf04c52da57da0
c43889dd9701515239fba426af23737a0a83203b57c440a1112e5a3e66c7e289
GET /.s/t/451/18.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 52
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-34"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/20.gif
193.109.246.72 200 OK 52 B URL HTTP/1.1 marsian.at.ua/.s/t/451/20.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 1\012- data
Hash 84df72a0a59859a1e38c8517e4d66f81
d3d7dc8c04e64cd3d59c0ed23d3de7d4e3b80b47
c65265e461ec0d75de19fe8dc5c4f8425dd3e4c2277a8f089b6e18276489b960
GET /.s/t/451/20.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 52
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-34"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/25.gif
193.109.246.72 200 OK 72 B URL HTTP/1.1 marsian.at.ua/.s/t/451/25.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 2 x 12\012- data
Hash 5b75f32785cb2c662916b5bb2a74fb61
476b7f7f103fca38297d8318fcb83755634a68b9
94f9eb6490e8579f17bd5ed044931fc3b3579999b13d0913dc7d911feff69cfa
GET /.s/t/451/25.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 72
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-48"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/28.gif
193.109.246.72 200 OK 309 B URL HTTP/1.1 marsian.at.ua/.s/t/451/28.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 2 x 49\012- data
Hash 3b028922837a531949f6d4232d9cf501
b089dc0d76becc1020a8783252dbbd7b590e7364
d1d06cde05c6d016acdf74cc467ae2b5009430b21e69095b4c4bba637a638fb8
GET /.s/t/451/28.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 309
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-135"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/stat/1675166317
193.109.246.72 200 OK 390 B URL HTTP/1.1 marsian.at.ua/stat/1675166317
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 87a, 88 x 31\012- data
Hash 0779ffaa910dc4b33a5824107b42164c
bcb5a8f27d0a087c27204a19a6484dd16e620da8
478bc142e0e177b04c66b82b2e859f1ba8ade1daa3f785833457ea6357fcdb3b
Analyzer Verdict Alert fortinet Phishing
GET /stat/1675166317 HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
marsian.at.ua/.s/t/451/9.gif
193.109.246.72 200 OK 5.4 kB URL HTTP/1.1 marsian.at.ua/.s/t/451/9.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 214 x 34\012- data
Hash d253a1040cb2499cb115ddd083b12663
cff2d50c5533ba374bd6f21ca8062678145e474d
c039865ad7cec4ba388add22f8010c79542cd82e0303508797aa26239f6429cc
GET /.s/t/451/9.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 5443
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-1543"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/10.gif
193.109.246.72 200 OK 45 B URL HTTP/1.1 marsian.at.ua/.s/t/451/10.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 1\012- data
Hash 71a31912ade8c98bd23bc4cc845aed26
4b1db926ab6389117e4eb3a28c263d37fc44f2e9
81bbaa2b14bc31a0cd330ea4c3d2923975c4ece57704855235f9ab275459ae39
GET /.s/t/451/10.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 45
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-2d"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/12.gif
193.109.246.72 200 OK 7.0 kB URL HTTP/1.1 marsian.at.ua/.s/t/451/12.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 202 x 1000\012- data
Hash 9df7993d94581b0a970e2e561efa709f
1414b3ad283b0cb0f2061955b79a015c4610c513
08305fd78f86de51857588a475f1dfb475fb134ea1dd78cbef46893bd1505a60
GET /.s/t/451/12.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 6989
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-1b4d"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3f4439493efb97eff0cede748dd2a0a0
fda0845e09e819542ddff85926975a21f9884aab
b1b1ae9e7bcc2eb07757b918d157121530e9c33009e0ad1285d9c10157ecdac2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166464
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 11:58:36 GMT
Etag: "63d8e9ac-117"
Expires: Thu, 02 Feb 2023 10:13:00 GMT
Last-Modified: Tue, 31 Jan 2023 10:13:00 GMT
Server: nginx
Content-Length: 279
nashe-ridne.at.ua/film2/Law_Abiding_Citizen_2009.jpg
195.216.243.234 200 OK 78 kB URL HTTP/1.1 nashe-ridne.at.ua/film2/Law_Abiding_Citizen_2009.jpg
IP 195.216.243.234:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 200x200, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12], baseline, precision 8, 400x573, components 3\012- data
Hash 0bc008dcefb8620db0a320875ca50dae
0f8f4396a124e283795ba9709d9cfb18adcc455d
510875ccfe26609c10d33e2ac10b11ed78042f7a671c46560321b1c68edd4a1f
GET /film2/Law_Abiding_Citizen_2009.jpg HTTP/1.1
Host: nashe-ridne.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:35 GMT
Content-Type: image/jpeg
Content-Length: 78082
Last-Modified: Mon, 14 Dec 2009 21:36:22 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b26afd6-13102"
Expires: Mon, 20 Feb 2023 11:58:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/30.gif
193.109.246.72 200 OK 167 B URL HTTP/1.1 marsian.at.ua/.s/t/451/30.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 10 x 10\012- data
Hash 60652b5ed81f5a3ab4f10ba9119a7cc0
1f98711d2cabc912784f7cb3e2cb9a2dc365932c
d1f5060a0632dcdc3932fed3e1025a5acfc0f72f86f813731afb3bff3e1e67a5
GET /.s/t/451/30.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/.s/src/css/451.css
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 167
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-a7"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/27.gif
193.109.246.72 200 OK 212 B URL HTTP/1.1 marsian.at.ua/.s/t/451/27.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 12\012- data
Hash b404300dc39c854a96fd60be28db71f5
80b3e8e97790760e568f7810d017b438ba489e0a
c8bd583cb2800b3f05f6f21c1bef2e5bf2719ea4aa8fc1d439fde8d1c675891b
GET /.s/t/451/27.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 212
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-d4"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/26.gif
193.109.246.72 200 OK 658 B URL HTTP/1.1 marsian.at.ua/.s/t/451/26.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 31 x 12\012- data
Hash f255ad866affe767226a9c29ce69905f
45bea629fa791c99e32947d218d10f911ed5e027
76c1451af42b097216f4cfb5a938ff6a214565a18973628d502a45abadbfc50e
GET /.s/t/451/26.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 658
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-292"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/13.gif
193.109.246.72 200 OK 303 B URL HTTP/1.1 marsian.at.ua/.s/t/451/13.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 214 x 7\012- data
Hash 9245707c3152f9e53aa59b463038903a
d9d2410bf54d1c3057d81420b355561f3ba51e2f
431efee539c4028d8694d127432d83382cf96371ca3474251f5e45e272c0f3d8
GET /.s/t/451/13.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 303
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-12f"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/t/451/11.gif
193.109.246.72 200 OK 70 B URL HTTP/1.1 marsian.at.ua/.s/t/451/11.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 14\012- data
Hash e0cf8055231672f7cb97c80d4af70e79
b28554c62ee9c0badf52271425d3a8718f680263
3fa02829a2f6e33b630b26c431ef7a392393023752eccb470cebeace789c25d5
GET /.s/t/451/11.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 70
Last-Modified: Wed, 03 Dec 2014 12:48:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f0689-46"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/?Sruxl6HmU3j4in%212Edh%21V%5EylfaaIx%3BwSFaTnifdjDKmOkXl05fzdJMjYdSwD1Z%3Bq2NuH9%21PqMSz4f%21ky7c3Cv0Ho
193.109.246.72 200 OK 801 B URL HTTP/1.1 marsian.at.ua/?Sruxl6HmU3j4in%212Edh%21V%5EylfaaIx%3BwSFaTnifdjDKmOkXl05fzdJMjYdSwD1Z%3Bq2NuH9%21PqMSz4f%21ky7c3Cv0Ho
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7a015b85e6704780e00e0764fccfbbbb
1fa790262d1cb471edab3490709e24db5279f9cd
6877ef7ae3321ff68f22a69c27b43bda5cef662f06922edcd2d544a8ab57dd42
GET /?Sruxl6HmU3j4in%212Edh%21V%5EylfaaIx%3BwSFaTnifdjDKmOkXl05fzdJMjYdSwD1Z%3Bq2NuH9%21PqMSz4f%21ky7c3Cv0Ho HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip
marsian.at.ua/.s/img/wd/6/left-corners.png
193.109.246.72 200 OK 1.6 kB URL HTTP/1.1 marsian.at.ua/.s/img/wd/6/left-corners.png
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type PNG image data, 6 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 1acbe73ff33ef5af8e586bb43e068d36
0931380908a3687166cc71b81e7b6037d5219aea
65791dab4faa39adfbde82317ed191eef117ce4e30822e915f63291b7273c6a7
GET /.s/img/wd/6/left-corners.png HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/.s/src/layer6.min.css
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/png
Content-Length: 1591
Last-Modified: Mon, 21 Nov 2022 12:38:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b715b-637"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/img/wd/6/right-corners.png
193.109.246.72 200 OK 1.6 kB URL HTTP/1.1 marsian.at.ua/.s/img/wd/6/right-corners.png
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type PNG image data, 6 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 0860b2af39bb9ef0f7e23a3873cc88ac
539793110fa245d8c1d1890d9d3c2f1313aff800
bb1f167ea79a6783ed491d3f48febf04023540e6eec384e2959d2f2f01f76bbd
GET /.s/img/wd/6/right-corners.png HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/.s/src/layer6.min.css
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/png
Content-Length: 1597
Last-Modified: Mon, 21 Nov 2022 12:38:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b715b-63d"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/img/wd/6/top-bottom.png
193.109.246.72 200 OK 1.3 kB URL HTTP/1.1 marsian.at.ua/.s/img/wd/6/top-bottom.png
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type PNG image data, 1 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 730c7290b6d2d76b93220f3ab0c9acf7
8d8f3f5ed7169df8990caa924b287355c9c24e76
591d523dbb17411d7823426d205e4c30803d0081ad7fccc9afeee92982e153fe
GET /.s/img/wd/6/top-bottom.png HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/.s/src/layer6.min.css
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/png
Content-Length: 1339
Last-Modified: Mon, 21 Nov 2022 12:38:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b715b-53b"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/img/wd/6/left-right.png
193.109.246.72 200 OK 140 B URL HTTP/1.1 marsian.at.ua/.s/img/wd/6/left-right.png
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type PNG image data, 12 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 98ad58e21f9aacd57577e893e7b17cb1
7f1f52959360fbdb2e6896bdf799afdbf5045a81
ec7dfeb4cf0f6f06b16b8b1ba4b7858d188863bfa3d9f1b640aa86684223b4b5
GET /.s/img/wd/6/left-right.png HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/.s/src/layer6.min.css
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/png
Content-Length: 140
Last-Modified: Mon, 21 Nov 2022 12:38:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b715b-8c"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
marsian.at.ua/.s/img/fr/ajax3.gif
193.109.246.72 200 OK 1.1 kB URL HTTP/1.1 marsian.at.ua/.s/img/fr/ajax3.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 16 x 16\012- data
Hash d700ad83d0a3c70488805e3ed515bf15
2e48c5d8842adf6064eeb4d08cead686595dde40
9777513b1dee8fbb0942cc13160510ff06cd1e868bd5dd24d060930871443ce6
GET /.s/img/fr/ajax3.gif HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 1079
Last-Modified: Mon, 21 Nov 2022 12:38:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7151-437"
Expires: Mon, 20 Feb 2023 11:58:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
s72.ucoz.net/adv/dummy/000/css/style.css
193.109.246.72 200 OK 1.6 kB URL HTTP/1.1 s72.ucoz.net/adv/dummy/000/css/style.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
Hash 50406c447ccad47ca9e5d53eff612ffb
16e3921585135a87a1066689c9c67a312d96c92d
01a0732bba96fb38be885a1d233fecf52e32c7e07e48cd05f6f07a3690ea304c
GET /adv/dummy/000/css/style.css HTTP/1.1
Host: s72.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5c9a36fd-19eb"
Content-Encoding: gzip
s72.ucoz.net/adv/dummy/000/img/ucoz-logo.png
193.109.246.72 200 OK 4.6 kB URL HTTP/1.1 s72.ucoz.net/adv/dummy/000/img/ucoz-logo.png
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 14d37a3409afc2c450c62b97bc8019da
43fc12bf16a292d6d10b17ab7d1e37785288858c
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2
GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1
Host: s72.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/png
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fd-11e9"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 11:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
142.250.74.97 200 OK 60 kB URL HTTP/2 themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
IP 142.250.74.97:0
File type Web Open Font Format, TrueType, length 60332, version 1.1\012- data
Hash 0d6d6ae28614efe13ec053eaeef473c1
20cd1c419ba0763bb4bbb1435bc0aed00452af2e
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1
GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://marsian.at.ua
Connection: keep-alive
Referer: https://s72.ucoz.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 60332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 15:41:45 GMT
expires: Thu, 25 Jan 2024 15:41:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: font/woff
age: 505012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2c3d3bbde30a971732f28f8affe6ab13
77d999fba29d0234c0f69e8ee6cb1636d234cfa5
d5eb2886199803982702f4078be0caf3cc6f8f4153d4a919536d8eba2eccf73f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5EB2886199803982702F4078BE0CAF3CC6F8F4153D4A919536D8EBA2ECCF73F"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3648
Expires: Tue, 31 Jan 2023 12:59:25 GMT
Date: Tue, 31 Jan 2023 11:58:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 11:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marsian.at.ua/favicon.ico
193.109.246.72 200 OK 1.0 kB URL HTTP/1.1 marsian.at.ua/favicon.ico
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 22x22, components 3\012- data
Hash d1052f59bf9d04ecaa1ab786c8a59a76
56c7eab3c323ca276a968370cda1c06b1e5e03c8
18df5bef7a92864628f4569935a1de519ea916e526c6ebacd08a41ac3c150b5a
GET /favicon.ico HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/x-icon
Content-Length: 1029
Last-Modified: Sun, 09 Aug 2009 08:48:33 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4a7e8d61-405"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 11:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rot.spotsniper.ru/?src=ujs6
31.172.81.159 200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6 HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__ru.js
216.58.211.3 200 OK 168 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__ru.js
IP 216.58.211.3:0
File type HTML document, ASCII text, with very long lines (1334)
Size 168 kB (167571 bytes)
Hash f2594021282b276cf4851dd628961918
55b5b10d6a71fa1701930154bdcf1fb7e763446c
885f8a82043579539ae9e62f1dbc6e33dc9ff51d6d773ebbe8a305af92f71eb3
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://marsian.at.ua
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 167571
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:51:52 GMT
expires: Tue, 30 Jan 2024 17:51:52 GMT
cache-control: public, max-age=31536000
age: 65205
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 830cb0008bca72dcf1130c38a38c2667
e2a200835b47b39458ea070da87aad7d018a3df4
98463770c7b8f63a9a2e6c5d254656834951036a7b0c9508ebf8e4931dcafaa2
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 04 Feb 2023 09:04:10 GMT
ETag: "e2a200835b47b39458ea070da87aad7d018a3df4"
Last-Modified: Tue, 31 Jan 2023 09:04:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1548
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792246c9fda30b69-OSL
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2c3d3bbde30a971732f28f8affe6ab13
77d999fba29d0234c0f69e8ee6cb1636d234cfa5
d5eb2886199803982702f4078be0caf3cc6f8f4153d4a919536d8eba2eccf73f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5EB2886199803982702F4078BE0CAF3CC6F8F4153D4A919536D8EBA2ECCF73F"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 17:58:37 GMT
Date: Tue, 31 Jan 2023 11:58:37 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 830cb0008bca72dcf1130c38a38c2667
e2a200835b47b39458ea070da87aad7d018a3df4
98463770c7b8f63a9a2e6c5d254656834951036a7b0c9508ebf8e4931dcafaa2
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 04 Feb 2023 09:04:10 GMT
ETag: "e2a200835b47b39458ea070da87aad7d018a3df4"
Last-Modified: Tue, 31 Jan 2023 09:04:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1548
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792246c9fab9b521-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 830cb0008bca72dcf1130c38a38c2667
e2a200835b47b39458ea070da87aad7d018a3df4
98463770c7b8f63a9a2e6c5d254656834951036a7b0c9508ebf8e4931dcafaa2
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 04 Feb 2023 09:04:10 GMT
ETag: "e2a200835b47b39458ea070da87aad7d018a3df4"
Last-Modified: Tue, 31 Jan 2023 09:04:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1548
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792246c9ff41b506-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 11:58:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rot.spotsniper.ru/?src=ujs6&s_subid=btn
31.172.81.159 200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6&s_subid=btn
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6&s_subid=btn HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166333054
88.212.201.198 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166333054
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;clickgate08?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166333054 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Sun, 30 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166332820
88.212.201.198 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166332820
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoznet?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166332820 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Sun, 30 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166332821
88.212.201.198 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166332821
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166332821 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Sun, 30 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//marsian.at.ua/news/1-0-9;s1280*1024*24;uhttps%3A//marsian.at.ua/%3FSruxl6HmU3j4in%25212Edh%2521V%255EylfaaIx%253BwSFaTnifdjDKmOkXl05fzdJMjYdSwD1Z%253Bq2NuH9%2521PqMSz4f%2521ky7c3Cv0Ho;1675166333773
88.212.201.198 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//marsian.at.ua/news/1-0-9;s1280*1024*24;uhttps%3A//marsian.at.ua/%3FSruxl6HmU3j4in%25212Edh%2521V%255EylfaaIx%253BwSFaTnifdjDKmOkXl05fzdJMjYdSwD1Z%253Bq2NuH9%2521PqMSz4f%2521ky7c3Cv0Ho;1675166333773
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoz_topline_worldwide?rhttps%3A//marsian.at.ua/news/1-0-9;s1280*1024*24;uhttps%3A//marsian.at.ua/%3FSruxl6HmU3j4in%25212Edh%2521V%255EylfaaIx%253BwSFaTnifdjDKmOkXl05fzdJMjYdSwD1Z%253Bq2NuH9%2521PqMSz4f%2521ky7c3Cv0Ho;1675166333773 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 31 Jan 2023 11:58:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Sun, 30 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
s72.ucoz.net/adv/dummy/000/img/bg.gif
193.109.246.72 200 OK 1.3 kB URL HTTP/1.1 s72.ucoz.net/adv/dummy/000/img/bg.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 485 x 3\012- data
Hash b19967d808ed7c42b41316d6c8474f55
18d80748bd4041b13a3373a429281ec65347a0e2
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50
GET /adv/dummy/000/img/bg.gif HTTP/1.1
Host: s72.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s72.ucoz.net/adv/dummy/000/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:38 GMT
Content-Type: image/gif
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fd-4f4"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3f4439493efb97eff0cede748dd2a0a0
fda0845e09e819542ddff85926975a21f9884aab
b1b1ae9e7bcc2eb07757b918d157121530e9c33009e0ad1285d9c10157ecdac2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=166464
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 11:58:37 GMT
Etag: "63d8e9ac-117"
Expires: Thu, 02 Feb 2023 10:13:01 GMT
Last-Modified: Tue, 31 Jan 2023 10:13:00 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 396634
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.35 200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9832, version 1.0\012- data
Hash efe937997e08e15b056a3643e2734636
d02decbf472a0928b054cc8e4b13684539a913db
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:25:03 GMT
expires: Mon, 29 Jan 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 178414
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8460
Expires: Tue, 31 Jan 2023 14:19:37 GMT
Date: Tue, 31 Jan 2023 11:58:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8460
Expires: Tue, 31 Jan 2023 14:19:37 GMT
Date: Tue, 31 Jan 2023 11:58:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 51016
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63486f2a937aa8fd013fc2c2d1b32f2d
e8868de34c2f79348c1edad764259eb70bebd7a6
fa6e5ce374031c0df3b3f2d6de823cf1fe08fdaf9957a0722770867cfdec0ed1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13639
x-amzn-requestid: 8131c878-620a-4972-ba8f-1456859acae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcJSF0SIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340a1-18c7280940d508c440c0182c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L6MnX0h8Bn9-ufqI6yOzQAPhqc4SoJKySgzlm756NaiVrfJpnftIWQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 06:29:38 GMT
age: 19739
etag: "e8868de34c2f79348c1edad764259eb70bebd7a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 36122
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 30841
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 51020
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 29265
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166335825
88.212.201.198 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166335825
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//marsian.at.ua/news/1-0-9;1675166335825 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 31 Jan 2023 11:58:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Sun, 30 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f603f90a435c59a23d9f815333b1f0b7
a8752ef32b4f1156724129cabb80e718c6fd7deb
02b18dd4bb8104124cf19b10c45052036bd3b6ebc8c69a9dd52365e7970931d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02B18DD4BB8104124CF19B10C45052036BD3B6EBC8C69A9DD52365E7970931D3"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11226
Expires: Tue, 31 Jan 2023 15:05:45 GMT
Date: Tue, 31 Jan 2023 11:58:39 GMT
Connection: keep-alive
dominantroute.com/bens/vinos.js?23433&u=null&a=0.7935717923126606
193.200.64.20 200 OK 140 kB URL HTTP/1.1 dominantroute.com/bens/vinos.js?23433&u=null&a=0.7935717923126606
IP 193.200.64.20:0
ASN #6681 Rozetka Sp. z o.o.
File type ASCII text, with very long lines (727)
Size 140 kB (140153 bytes)
Hash 6fb2d5f8961433255446706e1670e53d
dbf8be2610decedb5eb25708ee70be4e524d1854
2f7be4d965d94568e8d5846d7f64c3ec1f3504dfb5ec1677727d38b10273ded6
GET /bens/vinos.js?23433&u=null&a=0.7935717923126606 HTTP/1.1
Host: dominantroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:39 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=16751657871532635802; expires=Thu, 30-Jan-2025 11:58:39 GMT; Max-Age=63072000; path=/; samesite=None; domain=.dominantroute.com; secure
marsian.at.ua/.s/src/jquery-3.6.0.min.js
193.109.246.72 200 OK 0 B URL HTTP/1.1 marsian.at.ua/.s/src/jquery-3.6.0.min.js
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/jquery-3.6.0.min.js HTTP/1.1
Host: marsian.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marsian.at.ua/news/1-0-9
Cookie: ucvid=sWfl42leGs; 2marsianpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 11:58:36 GMT
Content-Type: text/javascript
Last-Modified: Thu, 01 Sep 2022 17:44:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef6c-15d9d"
Expires: Mon, 20 Feb 2023 11:58:36 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
fotky.com.ua/files/31790_1hu0b.jpg
188.114.96.1 404 Not Found 0 B URL HTTP/2 fotky.com.ua/files/31790_1hu0b.jpg
IP 188.114.96.1:0
GET /files/31790_1hu0b.jpg HTTP/1.1
Host: fotky.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Tue, 31 Jan 2023 11:58:37 GMT
content-type: text/html; charset=UTF-8
vary: X-Forwarded-Proto,Accept-Encoding
x-powered-by: PHP/7.4.19
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://fotky.com.ua/wp-json/>; rel="https://api.w.org/"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcwLXSvY8YWudMEKF8qvy2qKO1Lof8ty9EdQdOq0uaeAblyOYDfkQSLGyDyUqK2twyWXbYiHJ63iiJb4Hq8vKh35M8Gj%2F7p9sWy12yE9kEuX58i5eGCwkbK6F702nGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792246c86e900b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2