Report - sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/

Report Overview

Submitted URL
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/
IP
159.89.215.151
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2023-06-09 21:30:58
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
9
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-09	2.5 kB	77 kB	216.58.207.227
sleeknotecustomerscripts.sleeknote.com	20415	2012-11-25	2014-12-21	2023-06-09	498 B	1.7 kB	54.230.111.84
sleeknotestaticcontent.sleeknote.com	23457	2012-11-25	2020-01-27	2023-06-09	1.5 kB	119 kB	54.230.111.107
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-06-09	504 B	1.8 kB	151.101.65.229
sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com	unknown	2014-03-04	2023-02-14	2023-06-05	5.9 kB	927 kB	159.89.215.151
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-06-09	1.5 kB	206 kB	142.250.74.168
tag.getdrip.com	20100	2012-11-04	2013-07-17	2023-06-09	477 B	2.6 kB	54.230.111.88
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-09	1.3 kB	20 kB	142.250.74.106
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-09	2.7 kB	5.6 kB	142.250.74.131
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-06-09	358 B	1.9 kB	104.18.21.226
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-06-09	340 B	942 B	54.230.80.227
api.getdrip.com	20640	2012-11-04	2018-03-30	2023-06-09	1.5 kB	2.3 kB	54.230.111.106
d14jnfavjicsbe.cloudfront.net	unknown	2008-04-25	2021-01-17	2023-06-09	492 B	89 kB	54.230.245.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-09 21:30:39	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-06-09 21:30:39	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-06-09 21:30:39	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-06-09 21:30:39	medium	Client IP	159.89.215.151	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1
2023-06-09 21:30:40	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-06-09 21:30:40	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-06-09 21:30:40	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-06-09 21:30:40	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-06-09 21:30:40	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/	0 B	2023-03-07	2024-05-10
Pretty URL sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ IP 159.89.215.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 20:27:49 Times Seen37521814 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-10
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-10 20:26:10 Times Seen346338 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js	2.0 kB	2023-03-07	2024-05-10
Pretty URL cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:43 Last Seen2024-05-10 18:38:03 Times Seen4047 Hash 45f12de4d7b95a193ecdc5cfde664bb9 ee9541cf1a95d2a885f8b143a105caaa08ca9c9d 39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b Loading...

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/script.js	4.1 kB	2023-03-13	2023-08-18
Pretty URL sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/script.js IP 159.89.215.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:34 Last Seen2023-08-18 11:05:32 Times Seen731 Hash dbaf0bb4818528bdde822aa67b62345c d3def9b27b543d90849188f24e11883aab146df5 c972c022b8fa30c933194d5e7c9ad5e795a5bee79ace85da85307e20213b3797 Loading...

	d14jnfavjicsbe.cloudfront.net/client.js	88 kB	2023-03-13	2024-02-23
Pretty URL d14jnfavjicsbe.cloudfront.net/client.js IP 54.230.245.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:58:58 Last Seen2024-02-23 13:34:16 Times Seen476 Hash 8b8f177000920554bd1e9f7a15ece130 1dd9616b23debc85b387f1d95d722e2301324412 3e2398560f005ff2adf94aa45f2f5134d652c00ee3d94be0698b956b624199f1 Loading...

	sleeknotestaticcontent.sleeknote.com/production/package-tracker.js	14 kB	2023-04-26	2023-09-07
Pretty URL sleeknotestaticcontent.sleeknote.com/production/package-tracker.js IP 54.230.111.107 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-26 11:16:45 Last Seen2023-09-07 08:48:03 Times Seen722 Hash 0a8a47db16031429c3a5edfd7ffc3f99 8bce3151d9311f8a0360918b736a10549b84b2b7 3066fce80c674eb04f10fcb4aecb04d173e7a678d82f2e97ff155404b6cc5763 Loading...

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/templates.js	1.8 kB	2023-03-13	2023-08-18
Pretty URL sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/templates.js IP 159.89.215.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:34 Last Seen2023-08-18 11:05:32 Times Seen720 Hash 453455584d1bceda36b6831809d7e4ea b6eac1b0400a248d0da21a5fd352092fcfc1d686 f6e8e301cc9c3d48c483454edb9c51860d814261812d1243775cb8579ef5bd09 Loading...

	tag.getdrip.com/2607659.js	5.3 kB	2023-06-09	2023-06-09
Pretty URL tag.getdrip.com/2607659.js IP 54.230.111.88 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 23:31:00 Last Seen2023-06-09 23:31:00 Times Seen1 Hash a03c904d94e5820b9fdd6ba4d4304327 1c342285a0d90bcdfd30c3f617383b1dc19f1d4a 6d9fc1a529c6da0acac27a58ad67f19d12eed0514c006327ecb6c14525f42dfd Loading...

	api.getdrip.com/client/events/visit?drip_account_id=2607659&referrer=&url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&domain=sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_710910274	84 B	2023-06-09	2023-06-09
Pretty URL api.getdrip.com/client/events/visit?drip_account_id=2607659&referrer=&url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&domain=sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_710910274 IP 54.230.111.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 23:31:00 Last Seen2023-06-09 23:31:00 Times Seen2 Hash a0a6f535a9ce9fb93b3770bbedc69772 2132bdd3bf0507c0c3dff57279030c3312cd8561 a5e30c733b0873b338f6f04c79a9d5809a3d2459cce9608ffbb8292a791070e9 Loading...

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/	393 B	2023-04-07	2023-08-18
Pretty URL sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ IP 159.89.215.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 08:46:09 Last Seen2023-08-18 11:05:32 Times Seen323 Hash e550ea11bd39ec4333f8f7a24dff7000 f544e40834aef2ed064298d5e4eb3e0f01276a63 44f8a8a75424485a6cca8c3200536ecf34c08bfd60d552a33ec425a0b97734f4 Loading...

	www.googletagmanager.com/gtag/js?id=UA-69935771-28	123 kB	2023-06-09	2023-06-09
Pretty URL www.googletagmanager.com/gtag/js?id=UA-69935771-28 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 23:31:00 Last Seen2023-06-09 23:31:00 Times Seen2 Hash 77e452c6b28212cb3a4786dba70d3dca 98c08de87a32eab3ed4d37ef70e6fc8be86b2bff e8db4dee73c973cb8007f53047663b4f7031b0d6544575f40d95908c20616d91 Loading...

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/sandbox%20eval%20code	147 B	2023-04-11	2024-05-10
Pretty URL sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-10 20:26:11 Times Seen346846 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c	245 kB	2023-06-09	2023-06-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 23:31:00 Last Seen2023-06-09 23:31:00 Times Seen2 Hash 705a29ad69c98ed583eb36f49b8d3046 9d75e6b16ddc747cf885a1dd445d0321cb4dc9f8 21ae8e8709ab8d730369ef08b7d8c270b8ea0b060f3cd19365bee4dda051b98e Loading...

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/langs/en.js	1.2 kB	2023-03-13	2023-08-18
Pretty URL sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/langs/en.js IP 159.89.215.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:34 Last Seen2023-08-18 11:05:32 Times Seen722 Hash 3455d58a98162d6fd6c89b848e48097d f8a1cd935774ab7e85de8dbd14ec39408677450b 11408d630284e94bb4ddaee08b294fd2cb0342bdfcb443f67deb4a062aa55dc5 Loading...

	sleeknotecustomerscripts.sleeknote.com/87524.js	2.7 kB	2023-03-13	2023-08-18
Pretty URL sleeknotecustomerscripts.sleeknote.com/87524.js IP 54.230.111.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:51:03 Last Seen2023-08-18 11:05:33 Times Seen692 Hash d0795b85c1efcdd878f436de3271a7d0 77bb42833de3c6427576bdd299893ec6ded41817 32068555973b31463686e942e1ba010d5002af3d3dab3c70bebcb111f0ec24e9 Loading...

	sleeknotestaticcontent.sleeknote.com/core.js#DripOnsite	5.1 kB	2023-04-26	2023-06-13
Pretty URL sleeknotestaticcontent.sleeknote.com/core.js#DripOnsite IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-26 11:16:46 Last Seen2023-06-13 15:13:21 Times Seen215 Hash 58ba84e58fa7ae7f3c364db6a49d9bb3 b047cd1fee664e59286e65cf57e57acaaaabb612 60cdcefd04356bef9c14e738d4644d796c197bcd72177cc7050bc6fd97785d35 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-N24X7V9	205 kB	2023-06-09	2023-06-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-N24X7V9 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 23:31:00 Last Seen2023-06-09 23:31:00 Times Seen2 Hash 6a13a6350f99c9002203e9b2d40ed526 608d2375ff6e5ffcb8fe4623817c4986b2faca6b e696144cf54ff64c7928a908e74fb4ad510585f35edc70f0848067c502220e9e Loading...

	unknown	263 B	2023-03-13	2023-08-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:34 Last Seen2023-08-18 11:05:32 Times Seen410 Hash 06136bf6e80385af988e4a54d3e59846 9da8dc9465543fc7ccdb70eb57b863dd4bd74e91 21aa88e2e84d7fe6869577891e7e60bb91945a788f69dc52c396c2dc17657722 Loading...

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/	0 B	2023-03-07	2024-05-10
Pretty URL sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ IP 159.89.215.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 20:27:49 Times Seen37521814 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	api.getdrip.com/client/track?url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&visitor_uuid=207ea4188303425780409a8f858cda45&_action=Visited%20a%20page&source=drip&drip_account_id=2607659&callback=Drip_354082610	101 B	2023-06-09	2023-06-09
Pretty URL api.getdrip.com/client/track?url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&visitor_uuid=207ea4188303425780409a8f858cda45&_action=Visited%20a%20page&source=drip&drip_account_id=2607659&callback=Drip_354082610 IP 54.230.111.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 23:31:00 Last Seen2023-06-09 23:31:00 Times Seen2 Hash aeddf65eca92603074896ab9cb0bcb0b 85eaa8ccf3dffa62978d29fa9a62211ed4cbaf07 7260ff336a78aa66df4a2656d4f669abf9272606db740a08bbb10a9f0fa0e558 Loading...

	sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js	98 kB	2023-06-09	2023-06-13
Pretty URL sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js IP 54.230.111.107 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 04:49:45 Last Seen2023-06-13 15:13:21 Times Seen39 Hash 714431a73c9740e08c411774bcb506a6 c9c0d92d92e5956e8e9f3ed556d0a2487c3ee6ce 4171a80300b386a248c765bfd3a532ddaffe0ea332a36cdb5852f8e212953e6b Loading...

HTTP Transactions (37)

	URL	IP	Response	Size
	cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js	151.101.65.229	200 OK	1.1 kB
URL GET HTTP/2 cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js IP 151.101.65.229:443 ASN #54113 FASTLY Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT File type ASCII text, with very long lines (1619) Size 1.1 kB (1078 bytes) Hash 45f12de4d7b95a193ecdc5cfde664bb9 ee9541cf1a95d2a885f8b143a105caaa08ca9c9d 39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b HTTP Headers `GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=604800, s-maxage=43200 cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload content-type: application/javascript; charset=utf-8 x-jsd-version: 2.2.1 x-jsd-version-type: version etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0" content-encoding: br accept-ranges: bytes date: Fri, 09 Jun 2023 21:30:40 GMT age: 30634 x-served-by: cache-fra-eddf8230099-FRA, cache-bma1675-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 1078 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash fc8e1ec54c50413f6e09e63a85414e7c 929ef6a2a5150200fe2bacfc03245b53be30e46f 9441071bcc600b4efd8d0e6f03237f7cccb737b30125bd1095051a5acdf23ec6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 21:30:40 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/templates.js	159.89.215.151	200 OK	1.8 kB
URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/templates.js IP 159.89.215.151:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerZeroSSL Subject Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT File type HTML document, ASCII text, with very long lines (1809), with no line terminators Size 1.8 kB (1809 bytes) Hash 453455584d1bceda36b6831809d7e4ea b6eac1b0400a248d0da21a5fd352092fcfc1d686 f6e8e301cc9c3d48c483454edb9c51860d814261812d1243775cb8579ef5bd09 HTTP Headers GET /gdpr/js/templates.js HTTP/1.1 Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes cache-control: no-cache, no-store, max-age=0, must-revalidate content-type: application/javascript date: Fri, 09 Jun 2023 21:30:40 GMT expires: 0 last-modified: Wed, 07 Jun 2023 08:06:19 GMT pragma: no-cache server: Caddy, Cowboy strict-transport-security: max-age=31536000 ; includeSubDomains via: 1.1 vegur x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block content-length: 1809 X-Firefox-Spdy: h2`

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/css/style.css	159.89.215.151	200 OK	6.1 kB
URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/css/style.css IP 159.89.215.151:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerZeroSSL Subject Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT File type ASCII text, with very long lines (6092), with no line terminators Size 6.1 kB (6092 bytes) Hash 6eda76ddba5d9aec8cddaaa34adf5bab 7e3f514d0cb4d852cb40b6fbc76b21a3234b705c a47751940dd3ceda998be5b911840515d514e572f56c83da091051174ff34a1f HTTP Headers GET /gdpr/css/style.css HTTP/1.1 Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes cache-control: no-cache, no-store, max-age=0, must-revalidate content-type: text/css date: Fri, 09 Jun 2023 21:30:40 GMT expires: 0 last-modified: Wed, 07 Jun 2023 08:06:19 GMT pragma: no-cache server: Caddy, Cowboy strict-transport-security: max-age=31536000 ; includeSubDomains via: 1.1 vegur x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block content-length: 6092 X-Firefox-Spdy: h2`

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/script.js	159.89.215.151	200 OK	4.1 kB
URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/js/script.js IP 159.89.215.151:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerZeroSSL Subject Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT File type ASCII text, with very long lines (4086), with no line terminators Size 4.1 kB (4086 bytes) Hash dbaf0bb4818528bdde822aa67b62345c d3def9b27b543d90849188f24e11883aab146df5 c972c022b8fa30c933194d5e7c9ad5e795a5bee79ace85da85307e20213b3797 HTTP Headers GET /gdpr/js/script.js HTTP/1.1 Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes cache-control: no-cache, no-store, max-age=0, must-revalidate content-type: application/javascript date: Fri, 09 Jun 2023 21:30:40 GMT expires: 0 last-modified: Wed, 07 Jun 2023 08:06:19 GMT pragma: no-cache server: Caddy, Cowboy strict-transport-security: max-age=31536000 ; includeSubDomains via: 1.1 vegur x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block content-length: 4086 X-Firefox-Spdy: h2`

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/langs/en.js	159.89.215.151	200 OK	1.2 kB
URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/gdpr/langs/en.js IP 159.89.215.151:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerZeroSSL Subject Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT File type Unicode text, UTF-8 text Size 1.2 kB (1170 bytes) Hash 3455d58a98162d6fd6c89b848e48097d f8a1cd935774ab7e85de8dbd14ec39408677450b 11408d630284e94bb4ddaee08b294fd2cb0342bdfcb443f67deb4a062aa55dc5 HTTP Headers GET /gdpr/langs/en.js HTTP/1.1 Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes cache-control: no-cache, no-store, max-age=0, must-revalidate content-type: application/javascript date: Fri, 09 Jun 2023 21:30:40 GMT expires: 0 last-modified: Wed, 07 Jun 2023 08:06:19 GMT pragma: no-cache server: Caddy, Cowboy strict-transport-security: max-age=31536000 ; includeSubDomains via: 1.1 vegur x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block content-length: 1170 X-Firefox-Spdy: h2`

	ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4	104.18.21.226		1.5 kB
URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1462 bytes) Hash ebe78e333286edbb69fa658fbfc55a1b e3d8d9bd1f64e843d0a2b7a8a66db71f6dae1cbe f2c77d7df6f201406e84c47d2b2ff61bc3a736575bb59d677411dda302a9e43b HTTP Headers `POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 09 Jun 2023 21:30:41 GMT Content-Type: application/ocsp-response Transfer-Encoding: chunked Connection: keep-alive Etag: "FCE5701F29C1815D4CACE60486D48C6727575B50" Expires: Sat, 10 Jun 2023 09:00:00 GMT Last-Modified: Fri, 09 Jun 2023 21:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 544 Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d4c7a263e8bb509-OSL`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash fc8e1ec54c50413f6e09e63a85414e7c 929ef6a2a5150200fe2bacfc03245b53be30e46f 9441071bcc600b4efd8d0e6f03237f7cccb737b30125bd1095051a5acdf23ec6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 21:30:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=UA-69935771-28	142.250.74.168	200 OK	48 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-69935771-28 IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT File type ASCII text, with very long lines (2271) Size 48 kB (47581 bytes) Hash 77e452c6b28212cb3a4786dba70d3dca 98c08de87a32eab3ed4d37ef70e6fc8be86b2bff e8db4dee73c973cb8007f53047663b4f7031b0d6544575f40d95908c20616d91 HTTP Headers `GET /gtag/js?id=UA-69935771-28 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 09 Jun 2023 21:30:41 GMT expires: Fri, 09 Jun 2023 21:30:41 GMT cache-control: private, max-age=900 last-modified: Fri, 09 Jun 2023 21:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 47581 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtm.js?id=GTM-N24X7V9	142.250.74.168	200 OK	71 kB
URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N24X7V9 IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT File type Unicode text, UTF-8 text, with very long lines (11769) Size 71 kB (71356 bytes) Hash 6a13a6350f99c9002203e9b2d40ed526 608d2375ff6e5ffcb8fe4623817c4986b2faca6b e696144cf54ff64c7928a908e74fb4ad510585f35edc70f0848067c502220e9e HTTP Headers `GET /gtm.js?id=GTM-N24X7V9 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 09 Jun 2023 21:30:41 GMT expires: Fri, 09 Jun 2023 21:30:41 GMT cache-control: private, max-age=900 last-modified: Fri, 09 Jun 2023 21:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 71356 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/styles.css	159.89.215.151	200 OK	893 kB
URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/styles.css IP 159.89.215.151:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerZeroSSL Subject Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 893 kB (892767 bytes) Hash 7f76c5d0353c51b023e2a7bc45f60422 1f09914eb414a1efa049636e07f3ed7d00cdb5e2 8bd318315fd19af93dab42d65cc73f9780e5be95457257da8b44dfec70c67004 HTTP Headers GET /dist/styles.css HTTP/1.1 Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes cache-control: max-age=1209600 content-type: text/css date: Fri, 09 Jun 2023 21:30:40 GMT last-modified: Wed, 07 Jun 2023 08:06:19 GMT server: Caddy, Cowboy strict-transport-security: max-age=31536000 ; includeSubDomains via: 1.1 vegur x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block content-length: 892767 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash fc8e1ec54c50413f6e09e63a85414e7c 929ef6a2a5150200fe2bacfc03245b53be30e46f 9441071bcc600b4efd8d0e6f03237f7cccb737b30125bd1095051a5acdf23ec6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 21:30:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash df893f12f5cf31daedf4910ffcc872c8 bbd271b0e76cd11d6a00327914b74882c95655fb 134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 21:30:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash df893f12f5cf31daedf4910ffcc872c8 bbd271b0e76cd11d6a00327914b74882c95655fb 134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 21:30:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c	142.250.74.168	200 OK	85 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT File type ASCII text, with very long lines (4372) Size 85 kB (85273 bytes) Hash 705a29ad69c98ed583eb36f49b8d3046 9d75e6b16ddc747cf885a1dd445d0321cb4dc9f8 21ae8e8709ab8d730369ef08b7d8c270b8ea0b060f3cd19365bee4dda051b98e HTTP Headers GET /gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 09 Jun 2023 21:30:41 GMT expires: Fri, 09 Jun 2023 21:30:41 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 85273 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	tag.getdrip.com/2607659.js	54.230.111.88	200 OK	2.1 kB
URL GET HTTP/2 tag.getdrip.com/2607659.js IP 54.230.111.88:443 ASN #16509 AMAZON-02 Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerAmazon Subject.getdrip.com Fingerprint3E:57:50:A6:D1:A1:2E:AF:A3:74:E3:E3:F5:0E:42:F8:C9:9F:C8:C8 ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 27 Jan 2024 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 2.1 kB (2052 bytes) Hash 910eab40becfecc373a8103b135e07b5 f49b7c0b13273541a1b1711c7eadcb9947bc1c59 d87a884927a79383657136386334cda7228d4b2fc84170a4e396ec41e5b04322 HTTP Headers `GET /2607659.js HTTP/1.1 Host: tag.getdrip.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript date: Fri, 09 Jun 2023 21:30:17 GMT last-modified: Fri, 09 Jun 2023 21:27:56 GMT etag: W/"a03c904d94e5820b9fdd6ba4d4304327" x-amz-server-side-encryption: AES256 server: AmazonS3 content-encoding: gzip vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: DpmxDzekyj_afCvNFIIOro3D3oq2N5ejFQWd49K_QULtGMp9bDc2iQ== age: 25 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash cfa2f4faaa3c178ca36297b0c4264e37 7a77047e893a983873f15a67f94b2be4b114be43 faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 21:30:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Montserrat:wght@400;500;700&family=Muli&family=Mulish&family=Noto+Serif&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Raleway:wght@400;800;900&family=Source+Sans+Pro:wght@400;600&family=Source+Serif+Pro&family=Work+Sans:wght@400;500&display=swap	142.250.74.106	200 OK	3.3 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Montserrat:wght@400;500;700&family=Muli&family=Mulish&family=Noto+Serif&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Raleway:wght@400;800;900&family=Source+Sans+Pro:wght@400;600&family=Source+Serif+Pro&family=Work+Sans:wght@400;500&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT File type gzip compressed data, max compression\012- data Size 3.3 kB (3344 bytes) Hash bffaad0202101e4fa15767bdc5018f41 e42a9e60aa1db4b70a4acae0389e01b34d829359 0d39e5f78768f46cbfcf9bd359f64fc01bacd29c8aed26c9ce2f06470dad052e HTTP Headers GET /css2?family=Lato:wght@400;700&family=Montserrat:wght@400;500;700&family=Muli&family=Mulish&family=Noto+Serif&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Raleway:wght@400;800;900&family=Source+Sans+Pro:wght@400;600&family=Source+Serif+Pro&family=Work+Sans:wght@400;500&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 09 Jun 2023 21:30:41 GMT date: Fri, 09 Jun 2023 21:30:41 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash cfa2f4faaa3c178ca36297b0c4264e37 7a77047e893a983873f15a67f94b2be4b114be43 faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 21:30:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2	216.58.207.227	200 OK	20 kB
URL GET HTTP/2 fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT File type Web Open Font Format (Version 2), TrueType, length 20528, version 1.0\012- data Size 20 kB (20528 bytes) Hash 04ca72bd569636b918e93b04f663a196 9e12248c8dfb7b2315fb1a856015aebdd440e2fc 7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a HTTP Headers GET /s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 20528 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 05 Jun 2023 19:18:26 GMT expires: Tue, 04 Jun 2024 19:18:26 GMT cache-control: public, max-age=31536000 last-modified: Thu, 01 Jun 2023 23:17:09 GMT content-type: font/woff2 age: 353535 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.googleapis.com/css2?family=Mulish:wght@900&display=swap	142.250.74.106	200 OK	15 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Mulish:wght@900&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT File type gzip compressed data, max compression\012- data Size 15 kB (15363 bytes) Hash 339a84a3f28474e4f6e9351e5ea6c434 58b4dd570c7b064b54ab51a4740e58bec6426556 ea522eb26d711f74d2e3dbdbaa3a741aebbe4dfd085c0fc6892cd128a3af8012 HTTP Headers GET /css2?family=Mulish:wght@900&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 09 Jun 2023 21:30:41 GMT date: Fri, 09 Jun 2023 21:30:41 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash cfa2f4faaa3c178ca36297b0c4264e37 7a77047e893a983873f15a67f94b2be4b114be43 faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Jun 2023 21:30:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2	216.58.207.227	200 OK	15 kB
URL GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT File type Web Open Font Format (Version 2), TrueType, length 14892, version 1.0\012- data Size 15 kB (14892 bytes) Hash 9ec6deaf6bada919e20b98f9f7b718b1 501d36403ad8205e4644532600019ecb10f5cb0a 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 HTTP Headers GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 14892 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 05 Jun 2023 18:52:54 GMT expires: Tue, 04 Jun 2024 18:52:54 GMT cache-control: public, max-age=31536000 last-modified: Thu, 01 Jun 2023 22:52:56 GMT content-type: font/woff2 age: 355067 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2	216.58.207.227	200 OK	23 kB
URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data Size 23 kB (23040 bytes) Hash de69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 HTTP Headers GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23040 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 06 Jun 2023 20:15:31 GMT expires: Wed, 05 Jun 2024 20:15:31 GMT cache-control: public, max-age=31536000 age: 263710 last-modified: Tue, 02 May 2023 15:07:25 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	sleeknotecustomerscripts.sleeknote.com/87524.js	54.230.111.84	200 OK	1.1 kB
URL GET HTTP/2 sleeknotecustomerscripts.sleeknote.com/87524.js IP 54.230.111.84:443 ASN #16509 AMAZON-02 Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerAmazon Subject.sleeknote.com Fingerprint50:66:77:92:47:1B:8E:70:4D:A3:75:3D:A4:97:9D:EA:F0:F1:22:5E ValidityWed, 08 Feb 2023 00:00:00 GMT - Wed, 06 Mar 2024 23:59:59 GMT File type ASCII text, with very long lines (2671), with no line terminators Size 1.1 kB (1074 bytes) Hash d0795b85c1efcdd878f436de3271a7d0 77bb42833de3c6427576bdd299893ec6ded41817 32068555973b31463686e942e1ba010d5002af3d3dab3c70bebcb111f0ec24e9 HTTP Headers `GET /87524.js HTTP/1.1 Host: sleeknotecustomerscripts.sleeknote.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript; charset=utf-8 content-length: 1074 last-modified: Wed, 08 Feb 2023 13:12:04 GMT x-amz-server-side-encryption: AES256 content-encoding: gzip x-amz-version-id: 96riHVWG.h_17D_4wDulhp7NODiLZJPy accept-ranges: bytes server: AmazonS3 date: Fri, 09 Jun 2023 21:30:40 GMT cache-control: max-age=60 etag: "abdcf6babc9bbac009ee7a5a8a1c447c" x-cache: Hit from cloudfront via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: 6cU41Wfso0ejrUwDCTarj_ntI5yIsH8XYXZZl9oKtgBIJydyiILlzw== age: 2 X-Firefox-Spdy: h2

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/favicon/favicon-16x16.png	159.89.215.151	200 OK	1.2 kB
URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/favicon/favicon-16x16.png IP 159.89.215.151:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerZeroSSL Subject Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data Size 1.2 kB (1235 bytes) Hash a86978c1bf63a0950f991c940d6fa0e7 e7d3cc1ad625e2ad191fdd092cdb8c89564f1567 bf05a27240af0fa968c7394905fc2e6d9dfa51edec38a926efba4c8bf0399db9 HTTP Headers GET /favicon/favicon-16x16.png HTTP/1.1 Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885; _ga_SWXNNMMKPQ=GS1.1.1686346240.1.0.1686346240.0.0.0; _ga=GA1.1.1949893212.1686346241 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes cache-control: no-cache, no-store, max-age=0, must-revalidate content-type: image/png date: Fri, 09 Jun 2023 21:30:40 GMT expires: 0 last-modified: Wed, 07 Jun 2023 08:06:19 GMT pragma: no-cache server: Caddy, Cowboy strict-transport-security: max-age=31536000 ; includeSubDomains via: 1.1 vegur x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block content-length: 1235 X-Firefox-Spdy: h2`

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/favicon/apple-touch-icon.png	159.89.215.151	200 OK	10 kB
URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/favicon/apple-touch-icon.png IP 159.89.215.151:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerZeroSSL Subject Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data Size 10 kB (10180 bytes) Hash 47001c105674123e5c9dfbde7046c21b 246d6dab45d06803db4ab8238642fbd012b3d343 64debab32dbe30ee2fd60a3b0fa011b6adf36b34af07656cedbb4b1c9d055c20 HTTP Headers GET /favicon/apple-touch-icon.png HTTP/1.1 Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885; _ga_SWXNNMMKPQ=GS1.1.1686346240.1.0.1686346240.0.0.0; _ga=GA1.1.1949893212.1686346241 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes cache-control: no-cache, no-store, max-age=0, must-revalidate content-type: image/png date: Fri, 09 Jun 2023 21:30:40 GMT expires: 0 last-modified: Wed, 07 Jun 2023 08:06:19 GMT pragma: no-cache server: Caddy, Cowboy strict-transport-security: max-age=31536000 ; includeSubDomains via: 1.1 vegur x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block content-length: 10180 X-Firefox-Spdy: h2`

	ocsp.r2m01.amazontrust.com/	54.230.80.227		471 B
URL ocsp.r2m01.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 3a9799158e583718a1275f1e20fb6675 517626babba1d5b5a8e6eb7483b9a4eec703e86a 6f0e32ed8c19843e7027cedb64a7c94dcdccc38c8f6f93d7fe26b4470d595050 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Fri, 09 Jun 2023 21:30:41 GMT Last-Modified: Fri, 09 Jun 2023 20:34:43 GMT Server: ECAcc (nya/7946) X-Cache: Miss from cloudfront Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: UkHZCYlwVleP1WkGu5NcwAaNNDcSu7zXVBxKynUifSsVJyA3Sl_nVA== Age: 3358`

	api.getdrip.com/client/events/visit?drip_account_id=2607659&referrer=&url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&domain=sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_710910274	54.230.111.106	200 OK	84 B
URL GET HTTP/2 api.getdrip.com/client/events/visit?drip_account_id=2607659&referrer=&url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&domain=sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_710910274 IP 54.230.111.106:443 ASN #16509 AMAZON-02 Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerAmazon Subject.getdrip.com Fingerprint3E:57:50:A6:D1:A1:2E:AF:A3:74:E3:E3:F5:0E:42:F8:C9:9F:C8:C8 ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 27 Jan 2024 23:59:59 GMT File type ASCII text, with no line terminators Size 84 B (84 bytes) Hash a0a6f535a9ce9fb93b3770bbedc69772 2132bdd3bf0507c0c3dff57279030c3312cd8561 a5e30c733b0873b338f6f04c79a9d5809a3d2459cce9608ffbb8292a791070e9 HTTP Headers GET /client/events/visit?drip_account_id=2607659&referrer=&url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&domain=sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_710910274 HTTP/1.1 Host: api.getdrip.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/javascript; charset=utf-8 content-length: 84 date: Fri, 09 Jun 2023 21:30:41 GMT x-amzn-requestid: 580fbcfb-6cd9-4d03-9abb-f1d3c566750e referrer-policy: strict-origin-when-cross-origin x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block x-runtime: 0.033624 strict-transport-security: max-age=63072000; includeSubDomains x-amzn-remapped-content-length: 84 x-frame-options: SAMEORIGIN x-amzn-remapped-connection: keep-alive x-download-options: noopen x-request-id: f423722d-808f-4b5f-8312-7d1aa96053e5 x-amz-apigw-id: GRUAVEOdIAMFZ7g= vary: Accept cache-control: max-age=0, private, must-revalidate x-amzn-remapped-server: nginx x-content-type-options: nosniff etag: W/"a5e30c733b0873b338f6f04c79a9d580" x-amzn-remapped-date: Fri, 09 Jun 2023 21:30:41 GMT x-cache: Miss from cloudfront via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: dUOj274N5TX_axBl7w77HkaaDSPRWLfHIU0cMCgzU0q8El4Lg6KKFw== X-Firefox-Spdy: h2

	api.getdrip.com/client/track?url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&visitor_uuid=207ea4188303425780409a8f858cda45&_action=Visited%20a%20page&source=drip&drip_account_id=2607659&callback=Drip_354082610	54.230.111.106	200 OK	101 B
URL GET HTTP/2 api.getdrip.com/client/track?url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&visitor_uuid=207ea4188303425780409a8f858cda45&_action=Visited%20a%20page&source=drip&drip_account_id=2607659&callback=Drip_354082610 IP 54.230.111.106:443 ASN #16509 AMAZON-02 Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerAmazon Subject.getdrip.com Fingerprint3E:57:50:A6:D1:A1:2E:AF:A3:74:E3:E3:F5:0E:42:F8:C9:9F:C8:C8 ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 27 Jan 2024 23:59:59 GMT File type ASCII text, with no line terminators Size 101 B (101 bytes) Hash aeddf65eca92603074896ab9cb0bcb0b 85eaa8ccf3dffa62978d29fa9a62211ed4cbaf07 7260ff336a78aa66df4a2656d4f669abf9272606db740a08bbb10a9f0fa0e558 HTTP Headers GET /client/track?url=https%3A%2F%2Fsber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com%2F&visitor_uuid=207ea4188303425780409a8f858cda45&_action=Visited%20a%20page&source=drip&drip_account_id=2607659&callback=Drip_354082610 HTTP/1.1 Host: api.getdrip.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK content-type: text/javascript; charset=utf-8 content-length: 101 date: Fri, 09 Jun 2023 21:30:42 GMT x-amzn-requestid: 7c502871-4d1d-4998-aaf7-8a7ec94d9f15 referrer-policy: strict-origin-when-cross-origin x-permitted-cross-domain-policies: none x-xss-protection: 1; mode=block x-runtime: 0.046636 strict-transport-security: max-age=63072000; includeSubDomains x-amzn-remapped-content-length: 101 x-frame-options: SAMEORIGIN x-amzn-remapped-connection: keep-alive x-download-options: noopen x-request-id: 12c818d6-c840-4457-8e70-806569b48a87 x-amz-apigw-id: GRUAZElvoAMFbYQ= vary: Accept cache-control: max-age=0, private, must-revalidate x-amzn-remapped-server: nginx x-content-type-options: nosniff etag: W/"7260ff336a78aa66df4a2656d4f669ab" x-amzn-remapped-date: Fri, 09 Jun 2023 21:30:42 GMT x-cache: Miss from cloudfront via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: s280L18wmaC_oAv7wKrVrs_z8nbFa6RAYkwCqxKGn67AGKNr9RWeFg== X-Firefox-Spdy: h2

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/	159.89.215.151	200 OK	3.4 kB
URL User Request GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ IP 159.89.215.151:443 ASN #14061 DIGITALOCEAN-ASN Certificate IssuerZeroSSL Subject Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3603), with no line terminators Size 3.4 kB (3420 bytes) Hash 0b4d7a67443d34272266706f0db5789d bce955d7a6a6e980c2a50bb53a9f548235037430 61dac40dac3dbbe9e4f6efd964721ab93c0506acf296643e4b44fd3289007a94 HTTP Headers GET / HTTP/1.1 Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK cache-control: no-cache, no-store, max-age=0, must-revalidate content-language: en-US content-type: text/html;charset=UTF-8 date: Fri, 09 Jun 2023 21:30:39 GMT expires: 0 pragma: no-cache server: Caddy, Cowboy set-cookie: JSESSIONID=4668896EF383E9ED21C418A564168885; Max-Age=21600; Expires=Sat, 10-Jun-2023 03:30:40 GMT; Path=/; Secure; HttpOnly strict-transport-security: max-age=31536000 ; includeSubDomains via: 1.1 vegur x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block X-Firefox-Spdy: h2

	fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2	216.58.207.227	200 OK	15 kB
URL GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT File type Web Open Font Format (Version 2), TrueType, length 14824, version 1.0\012- data Size 15 kB (14824 bytes) Hash 48598bad30f08e1c3eb3d0e69b420bd5 28c2cf160273c2062f909a875c4b4c0541ee2f84 ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9 HTTP Headers GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 14824 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 05 Jun 2023 18:52:54 GMT expires: Tue, 04 Jun 2024 18:52:54 GMT cache-control: public, max-age=31536000 last-modified: Thu, 01 Jun 2023 22:52:55 GMT content-type: font/woff2 age: 355067 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js	54.230.111.107	200 OK	98 kB
URL GET HTTP/3 sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js IP 54.230.111.107:443 ASN #16509 AMAZON-02 Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerAmazon Subject.sleeknote.com Fingerprint50:66:77:92:47:1B:8E:70:4D:A3:75:3D:A4:97:9D:EA:F0:F1:22:5E ValidityWed, 08 Feb 2023 00:00:00 GMT - Wed, 06 Mar 2024 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 98 kB (98102 bytes) Hash 714431a73c9740e08c411774bcb506a6 c9c0d92d92e5956e8e9f3ed556d0a2487c3ee6ce 4171a80300b386a248c765bfd3a532ddaffe0ea332a36cdb5852f8e212953e6b HTTP Headers GET /production/package-core-boot.js HTTP/1.1 Host: sleeknotestaticcontent.sleeknote.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: text/javascript alt-svc: h3=":443"; ma=86400 age: 84 last-modified: Thu, 08 Jun 2023 13:53:09 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: pdqLmjZu65IPbA1JOeCk7bNEBN.PJlX4 server: AmazonS3 content-encoding: gzip date: Fri, 09 Jun 2023 21:29:20 GMT cache-control: no-cache etag: W/"714431a73c9740e08c411774bcb506a6" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: iEZeZ-L7nXSfN9x2fw_-BUAVuqL-VdQO4bsdu7piUkPViVKWNZKWyQ==

	d14jnfavjicsbe.cloudfront.net/client.js	54.230.245.226	200 OK	88 kB
URL GET HTTP/2 d14jnfavjicsbe.cloudfront.net/client.js IP 54.230.245.226:443 ASN #16509 AMAZON-02 Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type Size 88 kB (88366 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /client.js HTTP/1.1 Host: d14jnfavjicsbe.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript last-modified: Thu, 19 Jan 2023 17:30:45 GMT x-amz-server-side-encryption: AES256 x-amz-meta-md5sum: i48XcACSBVS9Hp96FezhMA== server: AmazonS3 content-encoding: gzip date: Fri, 09 Jun 2023 21:29:56 GMT cache-control: max-age=300 etag: W/"8b8f177000920554bd1e9f7a15ece130" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: SrpnTgVTgFOtxYDVa3Wp7iM7GrZWqnfXItoiRiemq27mwg3zRrZj4A== age: 46 X-Firefox-Spdy: h2

	sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/src/assets/images/error-404..svg	159.89.215.151	200 OK	1.6 kB
URL GET HTTP/2 sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/src/assets/images/error-404..svg IP 159.89.215.151:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerZeroSSL Subject Fingerprint35:DD:1A:51:7B:A9:27:D6:03:16:35:8D:8B:CE:88:EC:99:41:EC:AF ValiditySun, 16 Apr 2023 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1740), with no line terminators Size 1.6 kB (1613 bytes) Hash 708aa88c535179d2504d741878a49332 933fdc7774f923d76e2aff5e88e7f83bb877a749 7cacc21e339c9586840151462076b92d4b8904a155de55887f09b822a2768f3c HTTP Headers GET /dist/src/assets/images/error-404..svg HTTP/1.1 Host: sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/dist/styles.css Cookie: JSESSIONID=4668896EF383E9ED21C418A564168885 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK accept-ranges: bytes cache-control: no-cache, no-store, max-age=0, must-revalidate content-type: image/svg+xml date: Fri, 09 Jun 2023 21:30:40 GMT expires: 0 last-modified: Wed, 07 Jun 2023 08:06:19 GMT pragma: no-cache server: Caddy, Cowboy strict-transport-security: max-age=31536000 ; includeSubDomains via: 1.1 vegur x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block content-length: 1613 X-Firefox-Spdy: h2`

	sleeknotestaticcontent.sleeknote.com/core.js	54.230.111.107	200 OK	5.1 kB
URL GET HTTP/2 sleeknotestaticcontent.sleeknote.com/core.js IP 54.230.111.107:443 ASN #16509 AMAZON-02 Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerAmazon Subject.sleeknote.com Fingerprint50:66:77:92:47:1B:8E:70:4D:A3:75:3D:A4:97:9D:EA:F0:F1:22:5E ValidityWed, 08 Feb 2023 00:00:00 GMT - Wed, 06 Mar 2024 23:59:59 GMT File type ASCII text, with very long lines (5262), with no line terminators Size 5.1 kB (5124 bytes) Hash c53bfdf7753c7e287bdc34d6341d34ee c969a0b7ee6600d3acd0e5f7fe042d41a9c277d4 513b8788b0807a06922e50b4dbdc3e65ec9916158ccef555e1b5718e5cfca018 HTTP Headers `GET /core.js HTTP/1.1 Host: sleeknotestaticcontent.sleeknote.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript last-modified: Thu, 08 Jun 2023 13:53:11 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: 8wIcJp9EgY40Q.NR_GJQbCDU8ml3FvwK server: AmazonS3 content-encoding: gzip date: Fri, 09 Jun 2023 21:29:27 GMT cache-control: no-cache etag: W/"58ba84e58fa7ae7f3c364db6a49d9bb3" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: bHI3wUMO4SAUDhsw1w__tYjKfNE4xNT7x8KxevJNsHRePVkPiN1yzQ== age: 76 X-Firefox-Spdy: h2

	sleeknotestaticcontent.sleeknote.com/production/package-tracker.js	54.230.111.107	200 OK	14 kB
URL GET HTTP/3 sleeknotestaticcontent.sleeknote.com/production/package-tracker.js IP 54.230.111.107:443 ASN #16509 AMAZON-02 Requested by https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Certificate IssuerAmazon Subject.sleeknote.com Fingerprint50:66:77:92:47:1B:8E:70:4D:A3:75:3D:A4:97:9D:EA:F0:F1:22:5E ValidityWed, 08 Feb 2023 00:00:00 GMT - Wed, 06 Mar 2024 23:59:59 GMT File type ASCII text, with very long lines (13926), with no line terminators Size 14 kB (13926 bytes) Hash 0a8a47db16031429c3a5edfd7ffc3f99 8bce3151d9311f8a0360918b736a10549b84b2b7 3066fce80c674eb04f10fcb4aecb04d173e7a678d82f2e97ff155404b6cc5763 HTTP Headers GET /production/package-tracker.js HTTP/1.1 Host: sleeknotestaticcontent.sleeknote.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sber.avito.avito.avito.avito.sber.git.covid19lockdownblog.blog.demo.com.decodingplaces.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: text/javascript alt-svc: h3=":443"; ma=86400 age: 71 last-modified: Thu, 08 Jun 2023 13:53:09 GMT x-amz-server-side-encryption: AES256 x-amz-version-id: RscUOS8N3zyQ36_OnEe6o24fZ4OiY5KS server: AmazonS3 content-encoding: gzip date: Fri, 09 Jun 2023 21:29:32 GMT cache-control: no-cache etag: W/"0a8a47db16031429c3a5edfd7ffc3f99" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: r4hetinilOGCpPdPLr5GEaNe8BKeBFuOgNf4hBr1vXVa-705CNJ5EA==

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML