Overview

URL xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
IP 195.208.1.105 (Russia)
ASN #48287 Jsc ru-center
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-30 15:57:01 UTC
IDS alerts 0
Blocklist alert 13
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-30 04:53:34 UTC 142.250.74.168
ocsp2.globalsign.com (1) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.20.226
r3.o.lencr.org (5) 344 No data No data 23.33.119.27
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 04:06:04 UTC 34.117.237.239
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 04:06:17 UTC 34.102.187.140
vk.com (2) 2243 2012-05-21 15:01:19 UTC 2022-11-30 04:11:14 UTC 93.186.225.194
fonts.gstatic.com (5) 0 2014-09-09 00:40:21 UTC 2022-11-30 04:54:31 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-30 05:03:07 UTC 216.239.34.178
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-30 05:00:30 UTC 64.233.165.154
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-11-30 05:55:22 UTC 142.250.74.106
yandex.st (3) 46311 2012-05-22 22:19:28 UTC 2022-11-30 04:11:02 UTC 178.154.131.215
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2020-04-21 12:46:20 UTC 69.16.175.42
ocsp.pki.goog (4) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.42.234.253
xn--90advg.xn--p1ai (29) 0 2016-01-18 16:05:17 UTC 2022-11-30 15:45:50 UTC 195.208.1.105 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF (...) Phishing
2022-11-30 2 xn--90advg.xn--p1ai/js/jquery.scrollTo.min.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/cache/js/8b9b435996220b2aef4b548eeaa39428.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/js/jquery.maskedinput.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/cache/js/b143370d42b990f15aac536ab9b9c87e.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/js/timepicker.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/custom/my/js/change_lang.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/custom/my/js/custom.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/custom/my/js/scriptbreaker-multiple-accordion-1.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/custom/my/themes/comfortable-reading/js/jquery.comforta (...) Phishing
2022-11-30 2 xn--90advg.xn--p1ai/custom/my/themes/comfortable-reading/js/jquery.cookie.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/cache/js/da231c5f36ed3c92a08792a409323e03.js Phishing
2022-11-30 2 xn--90advg.xn--p1ai/custom/my/js/jquery.selectbox.min.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 195.208.1.105
Date UQ / IDS / BL URL IP
2022-11-30 15:57:01 +0000 0 - 0 - 13 xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2% (...) 195.208.1.105
2022-11-10 09:00:59 +0000 0 - 0 - 1 ndc-group.ru/uploads/files/71216080122.pdf 195.208.1.105


Last 5 reports on ASN: Jsc ru-center
Date UQ / IDS / BL URL IP
2023-01-31 09:35:31 +0000 0 - 1 - 1 moscow-fitness.ru/9e568b3d621e6111365c07d0201 (...) 109.70.26.37
2023-01-31 08:10:43 +0000 0 - 0 - 27 maxclinic.ru/excels/error.php 91.189.114.8
2023-01-31 07:29:54 +0000 0 - 1 - 0 megatorg.ru/is_covid_testing_free_at_urgent_c (...) 31.177.76.70
2023-01-31 02:43:34 +0000 0 - 0 - 1 poshgirl.ru/shop/kupalniki/tip-kupalnika/razdelnyi 109.70.26.37
2023-01-31 00:17:27 +0000 0 - 3 - 0 5oclock.ru/user/polishfarm06/ 178.210.81.156


No other reports on domain:


No other reports with similar screenshot

JavaScript

Executed Scripts (22)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (68)


Request Response
                                        
                                            GET /%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/ HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Set-Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5; path=/
Cache-Control: private, no-cache, no-store
Last-Modified: Fri, 11 Feb 2022 10:39:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4471), with CRLF, LF line terminators
Size:   10839
Md5:    0d06b6a9009b1527c34f5e518b6ea867
Sha1:   2970dde1be690413f07e515d79ee04c27ed3f8ca
Sha256: b439c04135546deaca489a4a0bb34509ee4ca8378c69783208f666fdc45d5d34

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8878
Expires: Wed, 30 Nov 2022 18:24:48 GMT
Date: Wed, 30 Nov 2022 15:56:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2090
Cache-Control: max-age=155359
Date: Wed, 30 Nov 2022 15:56:50 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:06:09 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7534
Expires: Wed, 30 Nov 2022 18:02:24 GMT
Date: Wed, 30 Nov 2022 15:56:50 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 15:18:03 GMT
cache-control: public,max-age=3600
age: 2327
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: StVxMYkbR7PqwBiT6Ef7L56CGpV8SMxRGq1LtIYyBz2O0X9r1AcECx3W2U7CdCE1s2iGgFdzS+4=
x-amz-request-id: 8BYJ5HSTFHQ685F6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 15:45:55 GMT
age: 655
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 15:56:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /css?family=Open+Sans|Open+Sans+Condensed:700&subset=latin,cyrillic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/

                                         142.250.74.106
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 30 Nov 2022 15:56:50 GMT
Date: Wed, 30 Nov 2022 15:56:50 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   735
Md5:    85870c0b7fc130f7af6cb46e3cd88b63
Sha1:   62eb5553de6e78bae7cd54a0c2500e2d6c6b58e1
Sha256: 42734bfb6f6b24c728f802c94d077eaf14780f734f39a137d85f62fcf17cda33
                                        
                                            GET /cache/css/eb945c224cb0e77723ff2aa375736ec0.css HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 22019
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 13:40:49 GMT
ETag: "5603-5d69077598b7c"
Accept-Ranges: bytes
Cache-Control: max-age=864000


--- Additional Info ---
Magic:  ASCII text, with very long lines (22019), with no line terminators
Size:   22019
Md5:    e6a9c40c8539002b4439549910876534
Sha1:   c387838ff15c4257d437a9fe00494b157c3d73bb
Sha256: 7448de0625f19cf179c7d2b0e6af3dd599bfb7a0718fd77c42bb401800f09907
                                        
                                            GET /jquery/2.0.3/jquery.min.js HTTP/1.1 
Host: yandex.st
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/

                                         178.154.131.215
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx/1.17.9
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 28265
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31556952
Content-Encoding: gzip
Etag: "15f3faaa67fca127e619f10d7925686c"
Expires: Wed, 29 Nov 2023 16:31:37 GMT
Last-Modified: Mon, 12 Nov 2018 13:14:00 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: a38dac50c0841903
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32023)
Size:   28265
Md5:    15f3faaa67fca127e619f10d7925686c
Sha1:   70c268a8124a4fd674c951f2f01c119d7fd741f3
Sha256: 4fb7a2780fe1678c3c1501567fc8da22a55b60feed9b74ccac242e5da4609312
                                        
                                            GET /jquery/form/3.14/jquery.form.min.js HTTP/1.1 
Host: yandex.st
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/

                                         178.154.131.215
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx/1.17.9
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 5470
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31556952
Content-Encoding: gzip
Etag: "4f493547b9c7df462e93419febd82a67"
Expires: Thu, 30 Nov 2023 00:08:15 GMT
Last-Modified: Mon, 12 Nov 2018 13:13:43 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: 618b5edf08e0bb1d
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (14224)
Size:   5470
Md5:    4f493547b9c7df462e93419febd82a67
Sha1:   19f272f25573fb2c5008975101fbcbc610489cc8
Sha256: 23840914aaf84b4e1682cd2914db3d3f96ab47f5c109178ffcae9b5e79f644c6
                                        
                                            GET /js/jquery.scrollTo.min.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 2156
Connection: keep-alive
Last-Modified: Tue, 09 Jun 2015 14:54:54 GMT
ETag: "5576fe3e-86c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1986)
Size:   2156
Md5:    3df72c0236a3918be1d7620f93751389
Sha1:   f4ebb4def76277af3f0b61834617913ed22beb79
Sha256: aa307ca08cec18da24e3e386ac07a201c89f9ff8f762f37bad4416f638b893bb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cache/js/8b9b435996220b2aef4b548eeaa39428.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 2194
Connection: keep-alive
Last-Modified: Thu, 27 Jan 2022 13:40:50 GMT
ETag: "892-5d690776216f1"
Accept-Ranges: bytes
Cache-Control: max-age=864000


--- Additional Info ---
Magic:  ASCII text, with very long lines (2009)
Size:   2194
Md5:    63fd994335b9805844172f99766fb6ef
Sha1:   45500a96a56989262a7070aacf9e06d3dcf0b30f
Sha256: a5edd8518cd0214dc8bc513e249e5ea9cf3083b367907a734a9433b14e290162

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/jquery.maskedinput.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 7207
Connection: keep-alive
Last-Modified: Tue, 09 Jun 2015 14:54:54 GMT
ETag: "5576fe3e-1c27"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   7207
Md5:    534d38703522119e250f764db83c912e
Sha1:   379003b0b620363087ba9d4bd06dc9d9399da333
Sha256: bf0122192afdfdf9a42d1499f1f5d11b4c4b17f7f6c81e87b0d16e8f4d8d0e8b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cache/js/b143370d42b990f15aac536ab9b9c87e.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 9039
Connection: keep-alive
Last-Modified: Mon, 31 Jan 2022 09:43:55 GMT
ETag: "234f-5d6dd9f8416c2"
Accept-Ranges: bytes
Cache-Control: max-age=864000


--- Additional Info ---
Magic:  ASCII text, with very long lines (746), with CRLF line terminators
Size:   9039
Md5:    975ab9cc585833c70337691631de1255
Sha1:   748e4d4f3794279bf82dd94f3d692d55d732425c
Sha256: 09869fcfec8512b4358551844b03b5badcc4d86b7fbd790a4aa7a91ff064b15b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/timepicker.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 28376
Connection: keep-alive
Last-Modified: Tue, 09 Jun 2015 14:54:54 GMT
ETag: "5576fe3e-6ed8"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (803)
Size:   28376
Md5:    b62e696868820dbefca42d3b29a9537b
Sha1:   6d7d84725fb1489bfed520a6115a39d1176658e9
Sha256: 802f4c12b035b1c1cd4221124cf3a592c3188f9c7e4d7f0e52113229aedfba6a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jquery-ui/1.10.3/jquery-ui.min.js HTTP/1.1 
Host: yandex.st
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/

                                         178.154.131.215
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx/1.17.9
Date: Wed, 30 Nov 2022 15:56:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Content-Encoding: gzip
Etag: W/"fd255415839568e52a48da5de5af244c"
Expires: Sat, 03 Dec 2022 03:56:09 GMT
Last-Modified: Fri, 01 Feb 2019 15:35:45 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: 5e9fb641fc5288e1


--- Additional Info ---
Magic:  ASCII text, with very long lines (32389)
Size:   60463
Md5:    09eee8ba47fdc651c9e10bcecfcf7209
Sha1:   3f196e175ef1d43440dfe39b6a749335a6267a06
Sha256: d9c9c5550b475c5c040b01f9195024fd72e6634b704cef456ea2a86611f61a51
                                        
                                            GET /custom/my/js/change_lang.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 808
Connection: keep-alive
Last-Modified: Thu, 05 Dec 2019 08:52:55 GMT
ETag: "5de8c567-328"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   808
Md5:    0ff4d70e2f3b9ffd3c1d920d04fe210e
Sha1:   5d947584cbe1d3e4ec97eba378aa26c4bf22b2b3
Sha256: 79908cc7373c52cab11d119bf72a781328a31e56bc74aca8ac83ae80efcfabd0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /custom/my/js/custom.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 3506
Connection: keep-alive
Last-Modified: Mon, 23 Sep 2019 20:40:58 GMT
ETag: "5d892dda-db2"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   3506
Md5:    b92d2eaef41a173935539210ff81937f
Sha1:   218d3f77a98f53b143c57f07c21004a2f03e6c95
Sha256: 30de08c5b334a67cb597a36e22ed70da7552867a502929d863b7373a0c2a078a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /custom/my/js/scriptbreaker-multiple-accordion-1.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 2613
Connection: keep-alive
Last-Modified: Mon, 23 Sep 2019 20:41:17 GMT
ETag: "5d892ded-a35"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   2613
Md5:    f774214d900db0ba9217f9ccd36156a3
Sha1:   121cd025c29c8815aee1f326b78a7a4e6887531f
Sha256: 03b038a01c2a2f39bc1befb1139ee7d486cfd4a18c16b89368a8237dc42d5eda

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jquery-1.11.3.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/

                                         69.16.175.42
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 30 Nov 2022 15:56:50 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 33261
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"611feac9-176d5"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1669823810.dop023.sk1.t,1669823810.cds216.sk1.c


--- Additional Info ---
Magic:  ASCII text, with very long lines (32038)
Size:   33261
Md5:    1c8acbf5f411ace3b76578a1fd1a603e
Sha1:   b1bbee9db24d885c25afd2e5a7720e4f79b6b991
Sha256: e37464521b5447580a641b775ddb258a76f3bc7a3ca5a34eb452b12908b350a9
                                        
                                            GET /custom/my/themes/comfortable-reading/css/custom.css HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 2171
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2016 20:38:41 GMT
ETag: "57758351-87b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2171
Md5:    fd502853da666ff15b83a4dc11767d2a
Sha1:   96871719ebd2ab1e149b7d329581649a07803d68
Sha256: 88ad1c3f96eb720214f6b080dd46c31de604b5a7e1b80da5945d4872e2f1ac96
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 15:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /custom/my/themes/comfortable-reading/js/jquery.comfortable.reading.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 9697
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2016 20:02:04 GMT
ETag: "57757abc-25e1"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1642), with CRLF line terminators
Size:   9697
Md5:    9e20e7b85f42ff75e29af406f6cd8b47
Sha1:   d22d18d9523a900b5d57982ab0c22acea8dcf553
Sha256: d5bdb3ef22b1eea004d80fd25954cb89179ec9f56e3543b06324d60590e85b26

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /custom/my/themes/comfortable-reading/js/jquery.cookie.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 2232
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2016 20:02:05 GMT
ETag: "57757abd-8b8"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2232
Md5:    c2571a62e4fffe74590560fe8402c545
Sha1:   77d21069d0151cf97f94f82fe4d81d161006173a
Sha256: 9fa0f4513eaf62288b7843b7cff59bd539d068488a802e3a3903d041038d7940

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /custom/my/img/logo.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 2381
Connection: keep-alive
Last-Modified: Sat, 12 Sep 2015 19:23:51 GMT
ETag: "55f47bc7-94d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 275 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   2381
Md5:    2e17fdc90fb83141cd7a55e2c3793009
Sha1:   f914026b8f3070fc8bbc379090539f9cff6471ec
Sha256: da89828ac7ba62a86c78dafc55435811325f073e16f7a7f1abbeb8461317e108
                                        
                                            GET /userfiles/images/iconfinder_2018_social_media_popular_app_logo_vkontakte_3225181.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 10223
Connection: keep-alive
Last-Modified: Mon, 11 Feb 2019 12:47:58 GMT
ETag: "5c616efe-27ef"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size:   10223
Md5:    a12dcbe2bf023e0848e80f24cfada59e
Sha1:   53e1c4e414ed5151de61121e974e814a058f4a7d
Sha256: bb033939056cd56a7be46063cd03612e2891fce0c515ad887861685829fd04c4
                                        
                                            GET /custom/my/themes/comfortable-reading/img/glsses.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 11638
Connection: keep-alive
Last-Modified: Fri, 01 Jul 2016 09:35:55 GMT
ETag: "5776397b-2d76"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 214 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size:   11638
Md5:    df23a2c5ec2dba9667f5639eaf00cc93
Sha1:   7a08fc66ee3e168128d6d5db68196a46bd418bf0
Sha256: cd62caa77575f526f3f0207eedf0c65d12cff4d53edc3c29a67c76f8b292b9bf
                                        
                                            GET /css?family=PT+Sans+Narrow&subset=cyrillic,latin HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/

                                         142.250.74.106
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 30 Nov 2022 15:56:50 GMT
Date: Wed, 30 Nov 2022 15:56:50 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   443
Md5:    ce499cfe3701b283d83f97fd8ab16c2a
Sha1:   469f62d47c86cce56a055fc53c7c46c53859c183
Sha256: 0d8010aab11b4ff53221993814f6f574d7b93f808e3d1de74b7326c58b724fe7
                                        
                                            GET /gtag/js?id=UA-134610070-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 15:56:50 GMT
expires: Wed, 30 Nov 2022 15:56:50 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43580
Md5:    3ff014591fa9d2b386988512c01624ef
Sha1:   7a5baa824072a61c465444f0a98e018127f22eac
Sha256: f00d9f5281ced9dc8bba6b060e7849d90dd30d6fc4e543bf9ed59ae8bdef4ca4
                                        
                                            GET /userfiles/editor/medium/3638_600px-telegram_messenger.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 15570
Connection: keep-alive
Last-Modified: Tue, 22 Mar 2022 08:24:54 GMT
ETag: "623987d6-3cd2"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   15570
Md5:    c8e8b595bd070748440ade04850b5957
Sha1:   43e7cafd529800d7ac833989e8070e749991f04e
Sha256: f21048160e1a561b5edf09e358e8d9b9490f2b5d4d2bc0c293ff689af8a6911d
                                        
                                            GET /userfiles/images/znachokodnoklassnikipng.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 71034
Connection: keep-alive
Last-Modified: Mon, 11 Feb 2019 12:53:44 GMT
ETag: "5c617058-1157a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 620 x 620, 8-bit/color RGBA, non-interlaced\012- data
Size:   71034
Md5:    0c7ed43bd3f79b0e34beca413b1d3aad
Sha1:   3514fe9831fde290067abd21b60df305fa3982fb
Sha256: 37f2fd8522a007ee6a9b81b7fe134b16afd7ec746000f66da90dff1c0deb3782
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 15:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /custom/my/img/phone.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/cache/css/0685b4750faabe460cb57f13b1b15c53.css
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 1319
Connection: keep-alive
Last-Modified: Sun, 14 Jun 2015 00:35:44 GMT
ETag: "557ccc60-527"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 18 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size:   1319
Md5:    7eec304a751400bdad97cea8714df44f
Sha1:   f33edd2bc46266f5ddb9255eb966fea4db5aaf25
Sha256: 08f0207ba99b20c190ab1063501b84bf71f76eca335d9cb81367910f846289f4
                                        
                                            GET /custom/my/img/address.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/cache/css/0685b4750faabe460cb57f13b1b15c53.css
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 1424
Connection: keep-alive
Last-Modified: Sun, 14 Jun 2015 00:35:44 GMT
ETag: "557ccc60-590"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 17 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size:   1424
Md5:    e5e86a00a2e9db1a2ade3831e5638b5f
Sha1:   2516e847d524f3ef9bfd66c8621f57b9a3b097d8
Sha256: aa30fc8cd917cd9b1c35cc572cf8d6fff1aa9f8cfeb34a8edaf20ef939334b7c
                                        
                                            GET /custom/my/img/application.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/cache/css/0685b4750faabe460cb57f13b1b15c53.css
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 1312
Connection: keep-alive
Last-Modified: Sun, 14 Jun 2015 00:35:44 GMT
ETag: "557ccc60-520"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 14 x 21, 8-bit/color RGBA, non-interlaced\012- data
Size:   1312
Md5:    7affbf91ab42b8f4e93261cc7467035a
Sha1:   5a34254ca3a6c2893a86f95180a873d759d8ba9a
Sha256: c61906e9c53c53740193a0bb885a1cebbe4a2f4ed16510613adc64e490b9b663
                                        
                                            GET /custom/my/img/nav.jpg HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/cache/css/0685b4750faabe460cb57f13b1b15c53.css
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 1321
Connection: keep-alive
Last-Modified: Sun, 14 Jun 2015 00:35:44 GMT
ETag: "557ccc60-529"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3x13, components 3\012- data
Size:   1321
Md5:    fa5605422bd0626baed0700051964ef7
Sha1:   478a3c69f35e8b332f3351f7c9abd92f675eb83e
Sha256: 7acca74cd03b96c368670251c82b4cf95714b57217087d4356df6cf304faed35
                                        
                                            GET /custom/my/img/catalog.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/cache/css/0685b4750faabe460cb57f13b1b15c53.css
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 1222
Connection: keep-alive
Last-Modified: Sun, 14 Jun 2015 00:35:44 GMT
ETag: "557ccc60-4c6"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size:   1222
Md5:    c0c8d7919a349100e66388f6cec2a6ff
Sha1:   d90873980b2c422245b90e36b1e595a841ad7cb8
Sha256: 360a117e8c6fe1a623946d41c19c67b0817b50b54b55afd59c6ebdc647b72a4c
                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://xn--90advg.xn--p1ai
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 10652
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 01:27:54 GMT
Expires: Wed, 29 Nov 2023 01:27:54 GMT
Cache-Control: public, max-age=31536000
Age: 138536
Last-Modified: Mon, 15 Aug 2022 18:11:22 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10652, version 1.0\012- data
Size:   10652
Md5:    c010b23b2704126796a794818ca777fb
Sha1:   41d3c9ae6692a1ca032d420646cc49b395fb4c96
Sha256: 624b713241704e0993f7d2147c1f1408a8a0df1be297a490bfe8e2b89387ce93
                                        
                                            GET /img/postbullets.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/cache/css/0685b4750faabe460cb57f13b1b15c53.css
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 115
Connection: keep-alive
Last-Modified: Tue, 20 Oct 2015 21:22:09 GMT
ETag: "5626b081-73"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 6 x 9, 8-bit/color RGBA, non-interlaced\012- data
Size:   115
Md5:    55fb15d0d2a9901204166397546a553c
Sha1:   1f7aeaf85fb7b3e9abd0124443ab819e87c1e9f9
Sha256: 1438cbb895bd594198647f8664d4daeb8dfab9299ac83e30735cc23f9dff6b41
                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://xn--90advg.xn--p1ai
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 19:00:04 GMT
Expires: Tue, 28 Nov 2023 19:00:04 GMT
Cache-Control: public, max-age=31536000
Age: 161806
Last-Modified: Mon, 15 Aug 2022 18:14:44 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size:   16740
Md5:    e43b535855a4ae53bd5b07a6eeb3bf67
Sha1:   6507312d9491156036316484bf8dc41e8b52ddd9
Sha256: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
                                        
                                            GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://xn--90advg.xn--p1ai
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 10800
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 14:39:56 GMT
Expires: Sat, 25 Nov 2023 14:39:56 GMT
Cache-Control: public, max-age=31536000
Age: 436614
Last-Modified: Tue, 19 Apr 2022 18:07:45 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10800, version 1.0\012- data
Size:   10800
Md5:    6d9d0bddb868f2299504e7aa3de4ad12
Sha1:   d1eccb375f0bcd664204a4389db938c2bbe6749a
Sha256: 998691c2c0c408e5cbf98147176c36679708ce66b26b77f3fc30b83fa5bab311
                                        
                                            GET /custom/my/img/search.png HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/cache/css/0685b4750faabe460cb57f13b1b15c53.css
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 1244
Connection: keep-alive
Last-Modified: Sun, 14 Jun 2015 00:35:44 GMT
ETag: "557ccc60-4dc"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced\012- data
Size:   1244
Md5:    ddb4432deba536bc73f45d7e76a3e2e3
Sha1:   347ea08627a6bddf013b0ab65d03d5022a6ac1d6
Sha256: 5645b038d568dfc9f65a59232e46e2163308aab41056775a2d7685c6ee44645a
                                        
                                            GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://xn--90advg.xn--p1ai
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16324
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 21:54:51 GMT
Expires: Thu, 23 Nov 2023 21:54:51 GMT
Cache-Control: public, max-age=31536000
Age: 583319
Last-Modified: Tue, 19 Apr 2022 18:08:32 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16324, version 1.0\012- data
Size:   16324
Md5:    f43fa5b4f6366eae0039e4e49db645de
Sha1:   d7fec074ba8b6e69bec4a995ea722d3d1513ad43
Sha256: 0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 1150
Connection: keep-alive
Last-Modified: Sat, 13 Jun 2015 22:47:02 GMT
ETag: "557cb2e6-47e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    c84f7933ea2213c3f4a533c562c661f4
Sha1:   ad5b35f3fcb710edfe04e2bd49fda8cd5125bc25
Sha256: aa6ad468935d93f4bbb961a88b341e9e249892782a46b3be7297b3192359354c
                                        
                                            GET /s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://xn--90advg.xn--p1ai
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 36220
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:02:44 GMT
Expires: Wed, 29 Nov 2023 17:02:44 GMT
Cache-Control: public, max-age=31536000
Age: 82447
Last-Modified: Wed, 27 Apr 2022 17:03:05 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 36220, version 1.0\012- data
Size:   36220
Md5:    703384eb990fa92cab3b11662e55234f
Sha1:   825232b537f04761e3f866599f3abb7c14d32d60
Sha256: 38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b
                                        
                                            GET /cache/js/da231c5f36ed3c92a08792a409323e03.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:51 GMT
Content-Length: 21890
Connection: keep-alive
Last-Modified: Mon, 31 Jan 2022 09:30:44 GMT
ETag: "5582-5d6dd705cc8d3"
Accept-Ranges: bytes
Cache-Control: max-age=864000


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (21778)
Size:   21890
Md5:    32114260fa5a4ef946416ef43cb190c3
Sha1:   4f3536fc655e61eb92d5c90183b735447a52ff02
Sha256: 3e5999572c514462ec376a40f6c683ba0ffd8036ec78c5a3bf3558397cc69612

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 15:56:51 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 04 Dec 2022 13:31:55 GMT
ETag: "fe837cc2a39e20ae4408f0d7c297df7dcd2a90c4"
Last-Modified: Wed, 30 Nov 2022 13:31:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 465
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7724c68329ebb4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    dad3ed1d758a777a7541c9639de5b064
Sha1:   fe837cc2a39e20ae4408f0d7c297df7dcd2a90c4
Sha256: 4fdcc4f6e53413d7090aac5ee1dea63d70a6c35ae287abb5a58b0c318e47fcb6
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         216.239.34.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 14:41:08 GMT
expires: Wed, 30 Nov 2022 16:41:08 GMT
cache-control: public, max-age=7200
age: 4543
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /js/api/openapi.js?162 HTTP/1.1 
Host: vk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         93.186.225.194
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: kittenx
date: Wed, 30 Nov 2022 15:56:51 GMT
content-length: 23322
last-modified: Wed, 10 Aug 2022 14:44:17 GMT
etag: "62f3c441-5b1a"
content-encoding: br
expires: Sun, 04 Dec 2022 15:56:51 GMT
cache-control: max-age=345600
x-frontend: front605110
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3849)
Size:   23322
Md5:    b33ff213862515e45744517b207d77db
Sha1:   7d69b309a9c1d918d8dc7b42c510d08321207b9c
Sha256: a5cd610dc23e643864c8827d58736c15b955328124bfd95661c88a7b96eaed47
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 15:11:14 GMT
cache-control: public,max-age=3600
age: 2737
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /rtrg?p=VK-RTRG-395926-8nlMn&metatag_url=http%3A%2F%2Fxn--90advg.xn--p1ai%2F%25D0%25BF%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B5%25D1%2580%25D0%25BA%25D0%25B0-%25D0%25BF%25D0%25BE%25D0%25BB%25D0%25B8%25D1%2581%25D0%25B0-%25D0%25BE%25D0%25BC%25D1%2581%2F&metatag_title=%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0%20%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0%20%D0%9E%D0%9C%D0%A1%20%E2%80%94%20%D0%9C%D0%93%D0%9A%D0%91.%D1%80%D1%84 HTTP/1.1 
Host: vk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         93.186.225.194
HTTP/2 200 OK
content-type: image/gif
                                        
server: kittenx
date: Wed, 30 Nov 2022 15:56:51 GMT
content-length: 65
x-powered-by: KPHP/7.4.112780
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly remixlang=3; expires=Fri, 24 Nov 2023 12:57:32 GMT; path=/; domain=.vk.com remixstlid=9119594143058750234_zwcfsj81MIfQ2nfJJEZRK0tQ2d6GnUSTxxFekJh1FCH; expires=Thu, 30 Nov 2023 15:56:51 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front605110
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   65
Md5:    ec4341fe3a8b2c4880fbfe0ef9cde34f
Sha1:   a0947414eb426b2939ca1a05fc870763f6bfc63f
Sha256: 01229c58f8015c623259e635969b8520945e2e0de1927a1375d48ad0ce915463
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 15:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-134610070-1&cid=1835228488.1669823810&jid=1971851110&gjid=130539121&_gid=957255688.1669823810&_u=YEBAAUAAAAAAACAAI~&z=1313970448 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://xn--90advg.xn--p1ai
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         64.233.165.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://xn--90advg.xn--p1ai
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 15:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 15:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2095
Cache-Control: max-age=150295
Date: Wed, 30 Nov 2022 15:56:51 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:41:46 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qpj6xH9AzcS3Lr1eDQlIdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.42.234.253
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rNmoKurUi4D6+CLuDGIbb1OE3iA=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6665
Expires: Wed, 30 Nov 2022 17:47:57 GMT
Date: Wed, 30 Nov 2022 15:56:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6665
Expires: Wed, 30 Nov 2022 17:47:57 GMT
Date: Wed, 30 Nov 2022 15:56:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6665
Expires: Wed, 30 Nov 2022 17:47:57 GMT
Date: Wed, 30 Nov 2022 15:56:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7LVxajVjJ1N2W-jxCmKpYHg1rS1MbrRnAVc15QmM0iH94CH1yJnR0w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:53:01 GMT
age: 39831
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 65525
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9051
Md5:    05196ec43964cf559caa0c0279148d62
Sha1:   6170d6776615503e3e29f86783febc3e3e78ca66
Sha256: 47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 63920
etag: "2f3a39a528d3b759060203931de33c12303592e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9330
Md5:    bbe350ea797a0fec5a19a450fc5de4b4
Sha1:   2f3a39a528d3b759060203931de33c12303592e1
Sha256: 4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 65628
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
age: 64801
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 64133
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
                                            GET /custom/my/js/jquery.selectbox.min.js HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 3401
Connection: keep-alive
Last-Modified: Mon, 23 Sep 2019 20:45:19 GMT
ETag: "5d892edf-d49"
Accept-Ranges: bytes


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cache/css/0685b4750faabe460cb57f13b1b15c53.css HTTP/1.1 
Host: xn--90advg.xn--p1ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--90advg.xn--p1ai/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B8%D1%81%D0%B0-%D0%BE%D0%BC%D1%81/
Cookie: SESSb0a8b31f9e309c8eddb54a138f777504=6026dc0f85b859716e7a90a1d8ffc3e5

                                         195.208.1.105
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: openresty
Date: Wed, 30 Nov 2022 15:56:50 GMT
Content-Length: 62711
Connection: keep-alive
Last-Modified: Fri, 11 Feb 2022 10:08:08 GMT
ETag: "f4f7-5d7bb3e6031b6"
Accept-Ranges: bytes
Cache-Control: max-age=864000


--- Additional Info ---