cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
151.101.65.229200 OK 1.1 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
IP 151.101.65.229:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (1619)
Hash 45f12de4d7b95a193ecdc5cfde664bb9
ee9541cf1a95d2a885f8b143a105caaa08ca9c9d
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Jun 2023 21:30:40 GMT
age: 30634
x-served-by: cache-fra-eddf8230099-FRA, cache-bma1675-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1078
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fc8e1ec54c50413f6e09e63a85414e7c
929ef6a2a5150200fe2bacfc03245b53be30e46f
9441071bcc600b4efd8d0e6f03237f7cccb737b30125bd1095051a5acdf23ec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:30:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/templates.js
159.89.215.151200 OK 1.8 kB URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/templates.js
IP 159.89.215.151:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerZeroSSL
Subject
Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF
ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (1809), with no line terminators
Hash 453455584d1bceda36b6831809d7e4ea
b6eac1b0400a248d0da21a5fd352092fcfc1d686
f6e8e301cc9c3d48c483454edb9c51860d814261812d1243775cb8579ef5bd09
GET /gdpr/js/templates.js HTTP/1.1
Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/javascript
date: Fri, 09 Jun 2023 21:30:40 GMT
expires: 0
last-modified: Wed, 07 Jun 2023 08:06:19 GMT
pragma: no-cache
server: Caddy, Cowboy
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-length: 1809
X-Firefox-Spdy: h2
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/css/style.css
159.89.215.151200 OK 6.1 kB URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/css/style.css
IP 159.89.215.151:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerZeroSSL
Subject
Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF
ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (6092), with no line terminators
Hash 6eda76ddba5d9aec8cddaaa34adf5bab
7e3f514d0cb4d852cb40b6fbc76b21a3234b705c
a47751940dd3ceda998be5b911840515d514e572f56c83da091051174ff34a1f
GET /gdpr/css/style.css HTTP/1.1
Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css
date: Fri, 09 Jun 2023 21:30:40 GMT
expires: 0
last-modified: Wed, 07 Jun 2023 08:06:19 GMT
pragma: no-cache
server: Caddy, Cowboy
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-length: 6092
X-Firefox-Spdy: h2
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/script.js
159.89.215.151200 OK 4.1 kB URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/script.js
IP 159.89.215.151:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerZeroSSL
Subject
Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF
ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (4086), with no line terminators
Hash dbaf0bb4818528bdde822aa67b62345c
d3def9b27b543d90849188f24e11883aab146df5
c972c022b8fa30c933194d5e7c9ad5e795a5bee79ace85da85307e20213b3797
GET /gdpr/js/script.js HTTP/1.1
Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/javascript
date: Fri, 09 Jun 2023 21:30:40 GMT
expires: 0
last-modified: Wed, 07 Jun 2023 08:06:19 GMT
pragma: no-cache
server: Caddy, Cowboy
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-length: 4086
X-Firefox-Spdy: h2
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/langs/en.js
159.89.215.151200 OK 1.2 kB URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/langs/en.js
IP 159.89.215.151:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerZeroSSL
Subject
Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF
ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash 3455d58a98162d6fd6c89b848e48097d
f8a1cd935774ab7e85de8dbd14ec39408677450b
11408d630284e94bb4ddaee08b294fd2cb0342bdfcb443f67deb4a062aa55dc5
GET /gdpr/langs/en.js HTTP/1.1
Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/javascript
date: Fri, 09 Jun 2023 21:30:40 GMT
expires: 0
last-modified: Wed, 07 Jun 2023 08:06:19 GMT
pragma: no-cache
server: Caddy, Cowboy
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-length: 1170
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226 1.5 kB URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash ebe78e333286edbb69fa658fbfc55a1b
e3d8d9bd1f64e843d0a2b7a8a66db71f6dae1cbe
f2c77d7df6f201406e84c47d2b2ff61bc3a736575bb59d677411dda302a9e43b
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 21:30:41 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FCE5701F29C1815D4CACE60486D48C6727575B50"
Expires: Sat, 10 Jun 2023 09:00:00 GMT
Last-Modified: Fri, 09 Jun 2023 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 544
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d4c7a263e8bb509-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fc8e1ec54c50413f6e09e63a85414e7c
929ef6a2a5150200fe2bacfc03245b53be30e46f
9441071bcc600b4efd8d0e6f03237f7cccb737b30125bd1095051a5acdf23ec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-69935771-28
142.250.74.168200 OK 48 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-69935771-28
IP 142.250.74.168:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash 77e452c6b28212cb3a4786dba70d3dca
98c08de87a32eab3ed4d37ef70e6fc8be86b2bff
e8db4dee73c973cb8007f53047663b4f7031b0d6544575f40d95908c20616d91
GET /gtag/js?id=UA-69935771-28 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Jun 2023 21:30:41 GMT
expires: Fri, 09 Jun 2023 21:30:41 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Jun 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-N24X7V9
142.250.74.168200 OK 71 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N24X7V9
IP 142.250.74.168:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type Unicode text, UTF-8 text, with very long lines (11769)
Hash 6a13a6350f99c9002203e9b2d40ed526
608d2375ff6e5ffcb8fe4623817c4986b2faca6b
e696144cf54ff64c7928a908e74fb4ad510585f35edc70f0848067c502220e9e
GET /gtm.js?id=GTM-N24X7V9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Jun 2023 21:30:41 GMT
expires: Fri, 09 Jun 2023 21:30:41 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Jun 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71356
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/styles.css
159.89.215.151200 OK 893 kB URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/styles.css
IP 159.89.215.151:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerZeroSSL
Subject
Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF
ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 893 kB (892767 bytes)
Hash 7f76c5d0353c51b023e2a7bc45f60422
1f09914eb414a1efa049636e07f3ed7d00cdb5e2
8bd318315fd19af93dab42d65cc73f9780e5be95457257da8b44dfec70c67004
GET /dist/styles.css HTTP/1.1
Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=1209600
content-type: text/css
date: Fri, 09 Jun 2023 21:30:40 GMT
last-modified: Wed, 07 Jun 2023 08:06:19 GMT
server: Caddy, Cowboy
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-length: 892767
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fc8e1ec54c50413f6e09e63a85414e7c
929ef6a2a5150200fe2bacfc03245b53be30e46f
9441071bcc600b4efd8d0e6f03237f7cccb737b30125bd1095051a5acdf23ec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash df893f12f5cf31daedf4910ffcc872c8
bbd271b0e76cd11d6a00327914b74882c95655fb
134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash df893f12f5cf31daedf4910ffcc872c8
bbd271b0e76cd11d6a00327914b74882c95655fb
134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c
142.250.74.168200 OK 85 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (4372)
Hash 705a29ad69c98ed583eb36f49b8d3046
9d75e6b16ddc747cf885a1dd445d0321cb4dc9f8
21ae8e8709ab8d730369ef08b7d8c270b8ea0b060f3cd19365bee4dda051b98e
GET /gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Jun 2023 21:30:41 GMT
expires: Fri, 09 Jun 2023 21:30:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tag.getdrip.com/2607659.js
54.230.111.88200 OK 2.1 kB URL GET HTTP/2 tag.getdrip.com/2607659.js
IP 54.230.111.88:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerAmazon
Subject*.getdrip.com
Fingerprint3E:57:50:A6:D1:A1:2E:AF:A3:74:E3:E3:F5:0E:42:F8:C9:9F:C8:C8
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 27 Jan 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 910eab40becfecc373a8103b135e07b5
f49b7c0b13273541a1b1711c7eadcb9947bc1c59
d87a884927a79383657136386334cda7228d4b2fc84170a4e396ec41e5b04322
GET /2607659.js HTTP/1.1
Host: tag.getdrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 09 Jun 2023 21:30:17 GMT
last-modified: Fri, 09 Jun 2023 21:27:56 GMT
etag: W/"a03c904d94e5820b9fdd6ba4d4304327"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DpmxDzekyj_afCvNFIIOro3D3oq2N5ejFQWd49K_QULtGMp9bDc2iQ==
age: 25
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cfa2f4faaa3c178ca36297b0c4264e37
7a77047e893a983873f15a67f94b2be4b114be43
faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Montserrat:wght@400;500;700&family=Muli&family=Mulish&family=Noto+Serif&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Raleway:wght@400;800;900&family=Source+Sans+Pro:wght@400;600&family=Source+Serif+Pro&family=Work+Sans:wght@400;500&display=swap
142.250.74.106200 OK 3.3 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Montserrat:wght@400;500;700&family=Muli&family=Mulish&family=Noto+Serif&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Raleway:wght@400;800;900&family=Source+Sans+Pro:wght@400;600&family=Source+Serif+Pro&family=Work+Sans:wght@400;500&display=swap
IP 142.250.74.106:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type gzip compressed data, max compression\012- data
Hash bffaad0202101e4fa15767bdc5018f41
e42a9e60aa1db4b70a4acae0389e01b34d829359
0d39e5f78768f46cbfcf9bd359f64fc01bacd29c8aed26c9ce2f06470dad052e
GET /css2?family=Lato:wght@400;700&family=Montserrat:wght@400;500;700&family=Muli&family=Mulish&family=Noto+Serif&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Raleway:wght@400;800;900&family=Source+Sans+Pro:wght@400;600&family=Source+Serif+Pro&family=Work+Sans:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Jun 2023 21:30:41 GMT
date: Fri, 09 Jun 2023 21:30:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cfa2f4faaa3c178ca36297b0c4264e37
7a77047e893a983873f15a67f94b2be4b114be43
faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
216.58.207.227200 OK 20 kB URL GET HTTP/2 fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
IP 216.58.207.227:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 20528, version 1.0\012- data
Hash 04ca72bd569636b918e93b04f663a196
9e12248c8dfb7b2315fb1a856015aebdd440e2fc
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
GET /s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 19:18:26 GMT
expires: Tue, 04 Jun 2024 19:18:26 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 23:17:09 GMT
content-type: font/woff2
age: 353535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Mulish:wght@900&display=swap
142.250.74.106200 OK 15 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Mulish:wght@900&display=swap
IP 142.250.74.106:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type gzip compressed data, max compression\012- data
Hash 339a84a3f28474e4f6e9351e5ea6c434
58b4dd570c7b064b54ab51a4740e58bec6426556
ea522eb26d711f74d2e3dbdbaa3a741aebbe4dfd085c0fc6892cd128a3af8012
GET /css2?family=Mulish:wght@900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Jun 2023 21:30:41 GMT
date: Fri, 09 Jun 2023 21:30:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cfa2f4faaa3c178ca36297b0c4264e37
7a77047e893a983873f15a67f94b2be4b114be43
faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.227:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 14892, version 1.0\012- data
Hash 9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:52:54 GMT
expires: Tue, 04 Jun 2024 18:52:54 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 355067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 20:15:31 GMT
expires: Wed, 05 Jun 2024 20:15:31 GMT
cache-control: public, max-age=31536000
age: 263710
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sleeknotecustomerscripts.sleeknote.com/87524.js
54.230.111.84200 OK 1.1 kB URL GET HTTP/2 sleeknotecustomerscripts.sleeknote.com/87524.js
IP 54.230.111.84:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerAmazon
Subject*.sleeknote.com
Fingerprint50:66:77:92:47:1B:8E:70:4D:A3:75:3D:A4:97:9D:EA:F0:F1:22:5E
ValidityWed, 08 Feb 2023 00:00:00 GMT - Wed, 06 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (2671), with no line terminators
Hash d0795b85c1efcdd878f436de3271a7d0
77bb42833de3c6427576bdd299893ec6ded41817
32068555973b31463686e942e1ba010d5002af3d3dab3c70bebcb111f0ec24e9
GET /87524.js HTTP/1.1
Host: sleeknotecustomerscripts.sleeknote.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 1074
last-modified: Wed, 08 Feb 2023 13:12:04 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 96riHVWG.h_17D_4wDulhp7NODiLZJPy
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Jun 2023 21:30:40 GMT
cache-control: max-age=60
etag: "abdcf6babc9bbac009ee7a5a8a1c447c"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6cU41Wfso0ejrUwDCTarj_ntI5yIsH8XYXZZl9oKtgBIJydyiILlzw==
age: 2
X-Firefox-Spdy: h2
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/favicon/favicon-16x16.png
159.89.215.151200 OK 1.2 kB URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/favicon/favicon-16x16.png
IP 159.89.215.151:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerZeroSSL
Subject
Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF
ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash a86978c1bf63a0950f991c940d6fa0e7
e7d3cc1ad625e2ad191fdd092cdb8c89564f1567
bf05a27240af0fa968c7394905fc2e6d9dfa51edec38a926efba4c8bf0399db9
GET /favicon/favicon-16x16.png HTTP/1.1
Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885; _ga_SWXNNMMKPQ=GS1.1.1686346240.1.0.1686346240.0.0.0; _ga=GA1.1.1949893212.1686346241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/png
date: Fri, 09 Jun 2023 21:30:40 GMT
expires: 0
last-modified: Wed, 07 Jun 2023 08:06:19 GMT
pragma: no-cache
server: Caddy, Cowboy
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-length: 1235
X-Firefox-Spdy: h2
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/favicon/apple-touch-icon.png
159.89.215.151200 OK 10 kB URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/favicon/apple-touch-icon.png
IP 159.89.215.151:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerZeroSSL
Subject
Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF
ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 47001c105674123e5c9dfbde7046c21b
246d6dab45d06803db4ab8238642fbd012b3d343
64debab32dbe30ee2fd60a3b0fa011b6adf36b34af07656cedbb4b1c9d055c20
GET /favicon/apple-touch-icon.png HTTP/1.1
Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885; _ga_SWXNNMMKPQ=GS1.1.1686346240.1.0.1686346240.0.0.0; _ga=GA1.1.1949893212.1686346241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/png
date: Fri, 09 Jun 2023 21:30:40 GMT
expires: 0
last-modified: Wed, 07 Jun 2023 08:06:19 GMT
pragma: no-cache
server: Caddy, Cowboy
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-length: 10180
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 3a9799158e583718a1275f1e20fb6675
517626babba1d5b5a8e6eb7483b9a4eec703e86a
6f0e32ed8c19843e7027cedb64a7c94dcdccc38c8f6f93d7fe26b4470d595050
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 09 Jun 2023 21:30:41 GMT
Last-Modified: Fri, 09 Jun 2023 20:34:43 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UkHZCYlwVleP1WkGu5NcwAaNNDcSu7zXVBxKynUifSsVJyA3Sl_nVA==
Age: 3358
api.getdrip.com/client/events/visit?drip_account_id=2607659&referrer=&url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&domain=sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_710910274
54.230.111.106200 OK 84 B URL GET HTTP/2 api.getdrip.com/client/events/visit?drip_account_id=2607659&referrer=&url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&domain=sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_710910274
IP 54.230.111.106:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerAmazon
Subject*.getdrip.com
Fingerprint3E:57:50:A6:D1:A1:2E:AF:A3:74:E3:E3:F5:0E:42:F8:C9:9F:C8:C8
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 27 Jan 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash a0a6f535a9ce9fb93b3770bbedc69772
2132bdd3bf0507c0c3dff57279030c3312cd8561
a5e30c733b0873b338f6f04c79a9d5809a3d2459cce9608ffbb8292a791070e9
GET /client/events/visit?drip_account_id=2607659&referrer=&url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&domain=sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_710910274 HTTP/1.1
Host: api.getdrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 84
date: Fri, 09 Jun 2023 21:30:41 GMT
x-amzn-requestid: 580fbcfb-6cd9-4d03-9abb-f1d3c566750e
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-runtime: 0.033624
strict-transport-security: max-age=63072000; includeSubDomains
x-amzn-remapped-content-length: 84
x-frame-options: SAMEORIGIN
x-amzn-remapped-connection: keep-alive
x-download-options: noopen
x-request-id: f423722d-808f-4b5f-8312-7d1aa96053e5
x-amz-apigw-id: GRUAVEOdIAMFZ7g=
vary: Accept
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-server: nginx
x-content-type-options: nosniff
etag: W/"a5e30c733b0873b338f6f04c79a9d580"
x-amzn-remapped-date: Fri, 09 Jun 2023 21:30:41 GMT
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dUOj274N5TX_axBl7w77HkaaDSPRWLfHIU0cMCgzU0q8El4Lg6KKFw==
X-Firefox-Spdy: h2
api.getdrip.com/client/track?url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&visitor_uuid=207ea4188303425780409a8f858cda45&_action=Visited%20a%20page&source=drip&drip_account_id=2607659&callback=Drip_354082610
54.230.111.106200 OK 101 B URL GET HTTP/2 api.getdrip.com/client/track?url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&visitor_uuid=207ea4188303425780409a8f858cda45&_action=Visited%20a%20page&source=drip&drip_account_id=2607659&callback=Drip_354082610
IP 54.230.111.106:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerAmazon
Subject*.getdrip.com
Fingerprint3E:57:50:A6:D1:A1:2E:AF:A3:74:E3:E3:F5:0E:42:F8:C9:9F:C8:C8
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 27 Jan 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash aeddf65eca92603074896ab9cb0bcb0b
85eaa8ccf3dffa62978d29fa9a62211ed4cbaf07
7260ff336a78aa66df4a2656d4f669abf9272606db740a08bbb10a9f0fa0e558
GET /client/track?url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&visitor_uuid=207ea4188303425780409a8f858cda45&_action=Visited%20a%20page&source=drip&drip_account_id=2607659&callback=Drip_354082610 HTTP/1.1
Host: api.getdrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 101
date: Fri, 09 Jun 2023 21:30:42 GMT
x-amzn-requestid: 7c502871-4d1d-4998-aaf7-8a7ec94d9f15
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-runtime: 0.046636
strict-transport-security: max-age=63072000; includeSubDomains
x-amzn-remapped-content-length: 101
x-frame-options: SAMEORIGIN
x-amzn-remapped-connection: keep-alive
x-download-options: noopen
x-request-id: 12c818d6-c840-4457-8e70-806569b48a87
x-amz-apigw-id: GRUAZElvoAMFbYQ=
vary: Accept
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-server: nginx
x-content-type-options: nosniff
etag: W/"7260ff336a78aa66df4a2656d4f669ab"
x-amzn-remapped-date: Fri, 09 Jun 2023 21:30:42 GMT
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s280L18wmaC_oAv7wKrVrs_z8nbFa6RAYkwCqxKGn67AGKNr9RWeFg==
X-Firefox-Spdy: h2
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
159.89.215.151200 OK 3.4 kB URL User Request GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
IP 159.89.215.151:443
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject
Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF
ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3603), with no line terminators
Hash 0b4d7a67443d34272266706f0db5789d
bce955d7a6a6e980c2a50bb53a9f548235037430
61dac40dac3dbbe9e4f6efd964721ab93c0506acf296643e4b44fd3289007a94
GET / HTTP/1.1
Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-type: text/html;charset=UTF-8
date: Fri, 09 Jun 2023 21:30:39 GMT
expires: 0
pragma: no-cache
server: Caddy, Cowboy
set-cookie: JSESSIONID=4668896EF383E9ED21C418A564168885; Max-Age=21600; Expires=Sat, 10-Jun-2023 03:30:40 GMT; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 216.58.207.227:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 14824, version 1.0\012- data
Hash 48598bad30f08e1c3eb3d0e69b420bd5
28c2cf160273c2062f909a875c4b4c0541ee2f84
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:52:54 GMT
expires: Tue, 04 Jun 2024 18:52:54 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
content-type: font/woff2
age: 355067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js
54.230.111.107200 OK 98 kB URL GET HTTP/3 sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js
IP 54.230.111.107:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerAmazon
Subject*.sleeknote.com
Fingerprint50:66:77:92:47:1B:8E:70:4D:A3:75:3D:A4:97:9D:EA:F0:F1:22:5E
ValidityWed, 08 Feb 2023 00:00:00 GMT - Wed, 06 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 714431a73c9740e08c411774bcb506a6
c9c0d92d92e5956e8e9f3ed556d0a2487c3ee6ce
4171a80300b386a248c765bfd3a532ddaffe0ea332a36cdb5852f8e212953e6b
GET /production/package-core-boot.js HTTP/1.1
Host: sleeknotestaticcontent.sleeknote.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
age: 84
last-modified: Thu, 08 Jun 2023 13:53:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: pdqLmjZu65IPbA1JOeCk7bNEBN.PJlX4
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Jun 2023 21:29:20 GMT
cache-control: no-cache
etag: W/"714431a73c9740e08c411774bcb506a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iEZeZ-L7nXSfN9x2fw_-BUAVuqL-VdQO4bsdu7piUkPViVKWNZKWyQ==
d14jnfavjicsbe.cloudfront.net/client.js
54.230.245.226200 OK 88 kB URL GET HTTP/2 d14jnfavjicsbe.cloudfront.net/client.js
IP 54.230.245.226:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client.js HTTP/1.1
Host: d14jnfavjicsbe.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 19 Jan 2023 17:30:45 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-md5sum: i48XcACSBVS9Hp96FezhMA==
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Jun 2023 21:29:56 GMT
cache-control: max-age=300
etag: W/"8b8f177000920554bd1e9f7a15ece130"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SrpnTgVTgFOtxYDVa3Wp7iM7GrZWqnfXItoiRiemq27mwg3zRrZj4A==
age: 46
X-Firefox-Spdy: h2
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/src/assets/images/error-404..svg
159.89.215.151200 OK 1.6 kB URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/src/assets/images/error-404..svg
IP 159.89.215.151:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerZeroSSL
Subject
Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF
ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1740), with no line terminators
Hash 708aa88c535179d2504d741878a49332
933fdc7774f923d76e2aff5e88e7f83bb877a749
7cacc21e339c9586840151462076b92d4b8904a155de55887f09b822a2768f3c
GET /dist/src/assets/images/error-404..svg HTTP/1.1
Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/styles.css
Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/svg+xml
date: Fri, 09 Jun 2023 21:30:40 GMT
expires: 0
last-modified: Wed, 07 Jun 2023 08:06:19 GMT
pragma: no-cache
server: Caddy, Cowboy
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-length: 1613
X-Firefox-Spdy: h2
sleeknotestaticcontent.sleeknote.com/core.js
54.230.111.107200 OK 5.1 kB URL GET HTTP/2 sleeknotestaticcontent.sleeknote.com/core.js
IP 54.230.111.107:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerAmazon
Subject*.sleeknote.com
Fingerprint50:66:77:92:47:1B:8E:70:4D:A3:75:3D:A4:97:9D:EA:F0:F1:22:5E
ValidityWed, 08 Feb 2023 00:00:00 GMT - Wed, 06 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (5262), with no line terminators
Hash c53bfdf7753c7e287bdc34d6341d34ee
c969a0b7ee6600d3acd0e5f7fe042d41a9c277d4
513b8788b0807a06922e50b4dbdc3e65ec9916158ccef555e1b5718e5cfca018
GET /core.js HTTP/1.1
Host: sleeknotestaticcontent.sleeknote.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 08 Jun 2023 13:53:11 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 8wIcJp9EgY40Q.NR_GJQbCDU8ml3FvwK
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Jun 2023 21:29:27 GMT
cache-control: no-cache
etag: W/"58ba84e58fa7ae7f3c364db6a49d9bb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bHI3wUMO4SAUDhsw1w__tYjKfNE4xNT7x8KxevJNsHRePVkPiN1yzQ==
age: 76
X-Firefox-Spdy: h2
sleeknotestaticcontent.sleeknote.com/production/package-tracker.js
54.230.111.107200 OK 14 kB URL GET HTTP/3 sleeknotestaticcontent.sleeknote.com/production/package-tracker.js
IP 54.230.111.107:443
Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Certificate IssuerAmazon
Subject*.sleeknote.com
Fingerprint50:66:77:92:47:1B:8E:70:4D:A3:75:3D:A4:97:9D:EA:F0:F1:22:5E
ValidityWed, 08 Feb 2023 00:00:00 GMT - Wed, 06 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (13926), with no line terminators
Hash 0a8a47db16031429c3a5edfd7ffc3f99
8bce3151d9311f8a0360918b736a10549b84b2b7
3066fce80c674eb04f10fcb4aecb04d173e7a678d82f2e97ff155404b6cc5763
GET /production/package-tracker.js HTTP/1.1
Host: sleeknotestaticcontent.sleeknote.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
age: 71
last-modified: Thu, 08 Jun 2023 13:53:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: RscUOS8N3zyQ36_OnEe6o24fZ4OiY5KS
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Jun 2023 21:29:32 GMT
cache-control: no-cache
etag: W/"0a8a47db16031429c3a5edfd7ffc3f99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r4hetinilOGCpPdPLr5GEaNe8BKeBFuOgNf4hBr1vXVa-705CNJ5EA==