avtozavod.do.am/
193.109.246.72301 Moved Permanently 178 B IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://avtozavod.do.am/
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20425
Expires: Wed, 22 Mar 2023 23:12:53 GMT
Date: Wed, 22 Mar 2023 17:32:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2390
Expires: Wed, 22 Mar 2023 18:12:18 GMT
Date: Wed, 22 Mar 2023 17:32:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3295
Expires: Wed, 22 Mar 2023 18:27:23 GMT
Date: Wed, 22 Mar 2023 17:32:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Mar 2023 17:27:30 GMT
content-type: application/json
age: 298
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: o22LTatd8Io2KuybZP8LJVfk9hgoX21JFOs8yhXqdOYAdBsicPDQcXaYdNmq6qTKLUoUhcaDekdf8qjlAfKSew==
x-amz-request-id: EPCRMS74MVS43Q0W
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Mar 2023 16:53:42 GMT
age: 2326
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 17:32:28 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
avtozavod.do.am/
193.109.246.72200 OK 9.6 kB IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (915)
Hash fd30d6a29c937033181d875d6ee03f15
00f1ef8a7fd7efa02af86986b2e04aa5da128729
ee2795a57cc85253a2a3ff6f2548b0323b26a3de883bc58a836b3e80632fe319
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 8avtozavoduCoz=; path=/; expires=Mon, 22-Mar-2021 17:32:30 GMT; Secure; HttpOnly; domain=.avtozavod.do.am
8avtozavoduCoz=; path=/; expires=Mon, 22-Mar-2021 17:32:30 GMT; Secure; HttpOnly; domain=.avtozavod.do.am
8avtozavoduCoz=; path=/; expires=Mon, 22-Mar-2021 17:32:30 GMT; Secure; HttpOnly; domain=.avtozavod.do.am
8avtozavodpushi=1; path=/; expires=Thu, 23-Mar-2023 16:32:30 GMT; Secure
Pragma: no-cache
Vary: host
Last-Modified: Sun, 07 Nov 2010 13:50:34 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
avtozavod.do.am/?e9uvH6VeaA3GGrAF8G1Sz%214pj6KSBERzNritKBSby6e8z8Fk9TP%5EW%21WRd2yiVJflxwlnsRiy%5Ezbzv1PF%3B8hhAjuY3AnLFBvCM4kLH7zr7%3BAszU48Gmp1edbU7VkNlyB1%217t%3BE6q9PpwZa1TMiJXmC1uzTEpEIjNK5JGx%5EgFWwYtm%5EqlO9GAikWRQLACSlQYNfPcZ08qjZxLvbXpT%5EO9fEndxdV9o
193.109.246.72200 OK 1.2 kB URL HTTP/1.1 avtozavod.do.am/?e9uvH6VeaA3GGrAF8G1Sz%214pj6KSBERzNritKBSby6e8z8Fk9TP%5EW%21WRd2yiVJflxwlnsRiy%5Ezbzv1PF%3B8hhAjuY3AnLFBvCM4kLH7zr7%3BAszU48Gmp1edbU7VkNlyB1%217t%3BE6q9PpwZa1TMiJXmC1uzTEpEIjNK5JGx%5EgFWwYtm%5EqlO9GAikWRQLACSlQYNfPcZ08qjZxLvbXpT%5EO9fEndxdV9o
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
Hash 6ce4e51e37fb402dce4e7f3169eb5bb2
8bc50f4eb82fc8652bcb843c757f6bcbcdd8ee7f
ba96e77fb130ed2d63255a80dd7bf74820856c53c9a24d0a6e20faa42fd4c5f0
Analyzer Verdict Alert fortinet Malware
GET /?e9uvH6VeaA3GGrAF8G1Sz%214pj6KSBERzNritKBSby6e8z8Fk9TP%5EW%21WRd2yiVJflxwlnsRiy%5Ezbzv1PF%3B8hhAjuY3AnLFBvCM4kLH7zr7%3BAszU48Gmp1edbU7VkNlyB1%217t%3BE6q9PpwZa1TMiJXmC1uzTEpEIjNK5JGx%5EgFWwYtm%5EqlO9GAikWRQLACSlQYNfPcZ08qjZxLvbXpT%5EO9fEndxdV9o HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash d8076782b7586aea6d69480d5434652e
6bd6f10f27f62711c6783bc8b5ea72cb74622e2f
ab660e165b0044aa0ca16ab2a42ac38a1922a24a6ae6e879d4e3e1e9c19822c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f86da0dd278dab61512989673262b7b7
0a9e07a3e3001b0fd895cd6be56f4b6929048e7b
ac48a2d4cff37e533bcead879c78d3a6f937e6c07fe2aa71a7d0aa4cc5181752
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
216.58.207.228200 OK 580 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP 216.58.207.228:0
File type ASCII text, with very long lines (905), with no line terminators
Hash 69b9bdfc3ea508bd18314146f975feab
cf2f5c088cef05156b6b01902195ae97eb9d3984
562f5c60622c6be373343d44216fea8664f27371afdc35e1d195c05ba4a741d8
GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 22 Mar 2023 17:32:29 GMT
date: Wed, 22 Mar 2023 17:32:29 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.162200 OK 33 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (4131)
Hash 9a5b1ddd210a4baf81349e39ca17692f
a1371243ecee03968260a0bca86f4c41788b78d3
a559d85e3452a3aecd4b30d28534ece020246f88a776c7f58f3b9aca00f26f8e
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 22 Mar 2023 17:32:29 GMT
expires: Wed, 22 Mar 2023 17:32:29 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1677003609518580811
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 32922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
avtozavod.do.am/.s/src/css/915.css
193.109.246.72200 OK 3.8 kB URL HTTP/1.1 avtozavod.do.am/.s/src/css/915.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
Hash 915976d39cce490606592f14ce51fc62
9c273610e584a6e12254eaa222d0d99fd7b2d19b
7fd0618122803ca0ddf72c819e82f91a4cb137f3016b54ab8fa05db03f1c23e9
GET /.s/src/css/915.css HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/css
Last-Modified: Tue, 07 Mar 2023 21:45:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6407b076-44b5"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
avtozavod.do.am/.s/src/base.min.css?v=171337
193.109.246.72200 OK 7.3 kB URL HTTP/1.1 avtozavod.do.am/.s/src/base.min.css?v=171337
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type assembler source, Unicode text, UTF-8 text, with very long lines (352)
Hash ff7894573a4bf2a56c5c12a0bbf5255e
a69ce8bab24c728bfd1afb6349c9b3957cca628d
a1b8116f855e9044ad9bb549f2d2d24f73b220dc182ac0c6405efde159725940
GET /.s/src/base.min.css?v=171337 HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/css
Last-Modified: Fri, 17 Mar 2023 10:37:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"641442d8-6e66"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
avtozavod.do.am/.s/src/layer1.min.css
193.109.246.72200 OK 5.3 kB URL HTTP/1.1 avtozavod.do.am/.s/src/layer1.min.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (21841), with no line terminators
Hash 24fb187f550be3fbf943445a84c5c6fc
781e89e636d151e3c03a4ac3da5c01f0a382261e
6e641727220a44bd9ab6e5cb48b2d25af9f251fbb27bc3b666f8bb6a5892700a
GET /.s/src/layer1.min.css HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Mar 2023 12:46:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6401ec16-5551"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
avtozavod.do.am/?T6Dy%3Bk9xSqOXlI%5Ec8yteza39TSKTR3EwBq9VueYJF0Gbryi0Rthk%3B2piLsMTvmXOHTe0ndDhnYXqmLc1gIYJMuesl%21cf9Obcg6KCm2i0IWSljTLnOA9P%3BAZqh%3BqlG%3Bl%21Ze6s4sCrafSepTVRzSx%3BTKzDfUTmRzCx6f8i%3B2mS%21r0cH1BJ6A6ju7nyeD%21VZWOubv2Kf%3BXjA%5E7AP6qsYJMNI2KrRAUo
193.109.246.72200 OK 811 B URL HTTP/1.1 avtozavod.do.am/?T6Dy%3Bk9xSqOXlI%5Ec8yteza39TSKTR3EwBq9VueYJF0Gbryi0Rthk%3B2piLsMTvmXOHTe0ndDhnYXqmLc1gIYJMuesl%21cf9Obcg6KCm2i0IWSljTLnOA9P%3BAZqh%3BqlG%3Bl%21Ze6s4sCrafSepTVRzSx%3BTKzDfUTmRzCx6f8i%3B2mS%21r0cH1BJ6A6ju7nyeD%21VZWOubv2Kf%3BXjA%5E7AP6qsYJMNI2KrRAUo
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
Hash 4a33e7cd7558f3f5a86d0fc27aee8c90
50fc0ad44d3917690997ca278091e53d0d575362
d6304d22c2821d367e3697cb9fa4e6dbeb093b8634fccd35312664d30d72b330
Analyzer Verdict Alert fortinet Malware
GET /?T6Dy%3Bk9xSqOXlI%5Ec8yteza39TSKTR3EwBq9VueYJF0Gbryi0Rthk%3B2piLsMTvmXOHTe0ndDhnYXqmLc1gIYJMuesl%21cf9Obcg6KCm2i0IWSljTLnOA9P%3BAZqh%3BqlG%3Bl%21Ze6s4sCrafSepTVRzSx%3BTKzDfUTmRzCx6f8i%3B2mS%21r0cH1BJ6A6ju7nyeD%21VZWOubv2Kf%3BXjA%5E7AP6qsYJMNI2KrRAUo HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
avtozavod.do.am/.s/src/ulightbox/ulightbox.min.css
193.109.246.72200 OK 1.4 kB URL HTTP/1.1 avtozavod.do.am/.s/src/ulightbox/ulightbox.min.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (4552), with no line terminators
Hash 9c03edbcbefe3eea8902981444de96f7
ca39997a1765ab084fb7e6740858176b9385c4ca
8487aa6ee4bd261bdf1f5b681cf96d347cd980ed45183c5a2a9571db6c891a08
GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
avtozavod.do.am/.s/src/ulightbox/ulightbox.min.js
193.109.246.72200 OK 7.7 kB URL HTTP/1.1 avtozavod.do.am/.s/src/ulightbox/ulightbox.min.js
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (22313), with no line terminators
Hash a75011b4b2ffeaa63060ffbb03e2c66f
69d57fe045c036554f20958c5c62a7fcfc622980
29965c29892b83aab0666717f0dd62747011cf46c8824b66c260fd4a6b0cd736
Analyzer Verdict Alert fortinet Malware
GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/javascript
Last-Modified: Tue, 07 Feb 2023 13:52:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"63e25793-5729"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Mar 2023 17:17:23 GMT
age: 906
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9446303f24a6e8e8d138867549399aa2
410a03d7475ec879b8e346f1706aea491e3f1da5
f7d7017ca9dbdf1822739e9baa6f34868504e6ce0d827aeeef82517c5db72960
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f86da0dd278dab61512989673262b7b7
0a9e07a3e3001b0fd895cd6be56f4b6929048e7b
ac48a2d4cff37e533bcead879c78d3a6f937e6c07fe2aa71a7d0aa4cc5181752
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2749
Expires: Wed, 22 Mar 2023 18:18:18 GMT
Date: Wed, 22 Mar 2023 17:32:29 GMT
Connection: keep-alive
avtozavod.do.am/.s/src/jquery-3.6.0.min.js
193.109.246.72200 OK 31 kB URL HTTP/1.1 avtozavod.do.am/.s/src/jquery-3.6.0.min.js
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (65447)
Hash 08df9f54c9e2e91db3aadc1baff368a5
a8e6c9343489d3c36cf262a10f59d22540248c49
417453d1fcaba01d9543b7649fc12ee865e118714d5f86a8316216e9bb4fdd20
Analyzer Verdict Alert fortinet Malware
GET /.s/src/jquery-3.6.0.min.js HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/javascript
Last-Modified: Thu, 01 Sep 2022 17:44:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef6c-15d9d"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
avtozavod.do.am/.s/src/uwnd.min.js
193.109.246.72200 OK 57 kB URL HTTP/1.1 avtozavod.do.am/.s/src/uwnd.min.js
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20adfead3a54ad11599adb1bab3d6fc6
23bb516448d5c643cb186ad9aec426388aa79dfd
b49b11429b509cf608a66bbcebc13cf63fa444b998c1a678d1bebfe33f7c2ff4
Analyzer Verdict Alert fortinet Malware
GET /.s/src/uwnd.min.js HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
s72.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.162579038797716
193.109.246.72200 OK 0 B URL HTTP/1.1 s72.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.162579038797716
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.162579038797716 HTTP/1.1
Host: s72.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ru.leonbets.com/img/banners/125x125_ru_promo.gif
69.172.201.202301 Moved Permanently 162 B URL HTTP/1.1 ru.leonbets.com/img/banners/125x125_ru_promo.gif
IP 69.172.201.202:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /img/banners/125x125_ru_promo.gif HTTP/1.1
Host: ru.leonbets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://ru.leonbets.com/img/banners/125x125_ru_promo.gif
X-DIS-Request-ID: da9a5db0c9d43c800e6deee50aed785e
Server: DOSarrest
avtozavod.do.am/images/counter.nn.gif
193.109.246.72200 OK 2.7 kB URL HTTP/1.1 avtozavod.do.am/images/counter.nn.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 88 x 31\012- data
Hash 0aac3d6da65b961ebd60f7dbb7cf3070
b036027b2f544aa1651e05c1ef51ff78eae37925
d2c4de4059e0d6569826191a7c9e722fc0d258e5189d3409d9cc1e5b423d685a
GET /images/counter.nn.gif HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/gif
Content-Length: 2682
Last-Modified: Tue, 28 Jul 2009 06:05:06 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4a6e9512-a7a"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/.s/t/915/6.jpg
193.109.246.72200 OK 4.2 kB URL HTTP/1.1 avtozavod.do.am/.s/t/915/6.jpg
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 914x32, components 3\012- data
Hash 4781fa8d99495872f9404254d5a15a89
75933cc98b0d4b1987b110fed750feb461955bae
0968031e1ed1cd1d954d10006a78d70b939ba47b3797505dc48603f0b1607537
GET /.s/t/915/6.jpg HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/.s/src/css/915.css
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/jpeg
Content-Length: 4151
Last-Modified: Wed, 03 Dec 2014 12:48:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f068c-1037"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/.s/t/915/5.jpg
193.109.246.72200 OK 6.3 kB URL HTTP/1.1 avtozavod.do.am/.s/t/915/5.jpg
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 914x34, components 3\012- data
Hash 727c8bae03924ced98f0dafd4a8558ae
4acbf2abab9661405426d36b1177a8528627aed1
44f93f25305048c0ebfd0e8fc842f45f67bafc0d3f7aa7085c5525dc598b66c2
GET /.s/t/915/5.jpg HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/.s/src/css/915.css
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/jpeg
Content-Length: 6342
Last-Modified: Wed, 03 Dec 2014 12:48:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f068c-18c6"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/.s/t/915/2.jpg
193.109.246.72200 OK 685 B URL HTTP/1.1 avtozavod.do.am/.s/t/915/2.jpg
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 12x702, components 3\012- data
Hash 918ee0138428150b4edaf1a4ee05fd64
591a74ebfab55259270e4730b695073cc3491560
6ea44a538473457bfe825cc6f90f35abebe410abb9eecff9525d7d5333094580
GET /.s/t/915/2.jpg HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/.s/src/css/915.css
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/jpeg
Content-Length: 685
Last-Modified: Wed, 03 Dec 2014 12:48:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f068c-2ad"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/.s/t/915/10.gif
193.109.246.72200 OK 67 B URL HTTP/1.1 avtozavod.do.am/.s/t/915/10.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 13 x 13\012- data
Hash 29fe3fdeec5b6a4df41966f1dd5dd19d
f487d2c730cfb8534767d8a688697e22f30c452b
53b98b1f31dd912cb9943979d2f6d49a8848dbeb2158422981ea25216bbc9c40
GET /.s/t/915/10.gif HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/.s/src/css/915.css
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/gif
Content-Length: 67
Last-Modified: Wed, 03 Dec 2014 12:48:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f068c-43"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/.s/t/915/8.gif
193.109.246.72200 OK 4.5 kB URL HTTP/1.1 avtozavod.do.am/.s/t/915/8.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 207 x 800\012- data
Hash b12d22c7b8132810aca535ae644b20d8
d7407bf0ed5d0645be1e162c37081fa803b3c3e5
e6d205dc923c43b4574c7dbf66b8c59708db23537657cdfb1e0b7560310de99b
GET /.s/t/915/8.gif HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/.s/src/css/915.css
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/gif
Content-Length: 4482
Last-Modified: Wed, 03 Dec 2014 12:48:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f068c-1182"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/.s/t/915/7.gif
193.109.246.72200 OK 2.7 kB URL HTTP/1.1 avtozavod.do.am/.s/t/915/7.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 207 x 50\012- data
Hash 40f8f6d6bba5e75e6694f7393ec5b0b3
0ccc46681c71679cc0fd15222d87ece5961cd10f
eb7970133e97ca9272c19e5c414b897c7abcfca4e5667d122868d4badb28c5a4
GET /.s/t/915/7.gif HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/.s/src/css/915.css
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/gif
Content-Length: 2700
Last-Modified: Wed, 03 Dec 2014 12:48:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f068c-a8c"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/.s/t/915/3.jpg
193.109.246.72200 OK 15 kB URL HTTP/1.1 avtozavod.do.am/.s/t/915/3.jpg
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 914x50, components 3\012- data
Hash f2decc0e626cc902ed300d9ddf4690c1
b0d4334dc214031929fe64b8715074fedec7a851
62c047c517eab22d5ac724a6cf30078fb2c77b0adaaf20a69ad71fd141373cfa
GET /.s/t/915/3.jpg HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/.s/src/css/915.css
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/jpeg
Content-Length: 15013
Last-Modified: Wed, 03 Dec 2014 12:48:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f068c-3aa5"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/.s/t/915/4.jpg
193.109.246.72200 OK 30 kB URL HTTP/1.1 avtozavod.do.am/.s/t/915/4.jpg
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 914x167, components 3\012- data
Hash ad0aaa776a05ef5b2146fc37cf6dc7ef
b8e4108e5bf5045caaf8ccdb2fd3b73548e78753
c8aca52f87edecfcbc037034ea201c5e5d40e64b72703c705c416c62cf52ee81
GET /.s/t/915/4.jpg HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/.s/src/css/915.css
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/jpeg
Content-Length: 30137
Last-Modified: Wed, 03 Dec 2014 12:48:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f068c-75b9"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/.s/t/915/11.gif
193.109.246.72200 OK 572 B URL HTTP/1.1 avtozavod.do.am/.s/t/915/11.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 15 x 16\012- data
Hash 72e3310c06f999e1fb152c3a6ff74dfa
e225560182f95148a853328ce9b5517008e3000a
89fd2a57feda83dedb8e48f6aa22f0359d68cc436c7d3a6b44eaadb67cd181f2
GET /.s/t/915/11.gif HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/.s/src/css/915.css
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/gif
Content-Length: 572
Last-Modified: Wed, 03 Dec 2014 12:48:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f068c-23c"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
wmcasher.ru/captcha/
104.21.71.213200 OK 1.4 kB IP 104.21.71.213:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 50x21, components 3\012- data
Hash d7e2a6c9577f6e4a7e603a8b2c6d3932
7d58d4af799f82048bf716f6e25fd63621caa597
a17b0d5e7ef5b47f797d51b610ae667e367d8f4ea3427453d61aed5bf835697f
GET /captcha/ HTTP/1.1
Host: wmcasher.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.45-0+deb7u8
Set-Cookie: PHPSESSID=dtnoufftcudd088hlvnim79ji1; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPOXHtJhN9HAo292VI7QKdPJCFhw94cDplDvQi1JKbcuygmNCrybkvTZ2ZtBFKx5PsO5r2kKQErNZu%2FUHeimwhvtRuvj0nBoQiV7paU2P%2BjFZcH%2BPd09jTJVJvGu6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac02c9bae53b4ed-OSL
alt-svc: h2=":443"; ma=60
avtozavod.do.am/.s/img/stars/3/12.png
193.109.246.72200 OK 1.2 kB URL HTTP/1.1 avtozavod.do.am/.s/img/stars/3/12.png
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type PNG image data, 12 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 350693463200bbe9388eec7d1a208289
9a310a7dd3c068636b224d253e0df9ce09784df2
aa22bfd07d6d73ee1e2fc304bf81625c716e83f81e1dfc044560b54595bdec28
GET /.s/img/stars/3/12.png HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/png
Content-Length: 1161
Last-Modified: Mon, 21 Nov 2022 12:38:49 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7159-489"
Expires: Tue, 11 Apr 2023 17:32:30 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
avtozavod.do.am/?jw1R3OAeY3lnNjdsH%5Ehh%5EyaSs7w9l%3BFhD%5ExiwN97Ij4bBx9TJwX7y455iR28LSOpNAS9uu%3BLcmjpkyHKGLF%3BKgoo
193.109.246.72200 OK 802 B URL HTTP/1.1 avtozavod.do.am/?jw1R3OAeY3lnNjdsH%5Ehh%5EyaSs7w9l%3BFhD%5ExiwN97Ij4bBx9TJwX7y455iR28LSOpNAS9uu%3BLcmjpkyHKGLF%3BKgoo
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8643cac9d1f154dfe497da00e0ac1dd1
fba1b5a412601d36fd70c4c3bb9cfd8b29a4e2d5
3265c4b80c238f2d346c2779424c070a108e1b2aa1e5bbf0c77baf8035797214
Analyzer Verdict Alert fortinet Malware
GET /?jw1R3OAeY3lnNjdsH%5Ehh%5EyaSs7w9l%3BFhD%5ExiwN97Ij4bBx9TJwX7y455iR28LSOpNAS9uu%3BLcmjpkyHKGLF%3BKgoo HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip
avtozavod.do.am/stat/1679506355413?01
193.109.246.72302 Found 221 B URL HTTP/1.1 avtozavod.do.am/stat/1679506355413?01
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f6a27b29489aa5890bb3319f4808bd1e
fa790e3f263a90cb724d626f9863102850a2860d
2769c53dfb7a57190898b476573dffa1ffb56c0dfae5a1eeb5e11ebca3df394b
Analyzer Verdict Alert fortinet Malware
GET /stat/1679506355413?01 HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 8avtozavoducnid=pAB1z4djbO; domain=avtozavod.do.am; path=/stat/541494509; expires=Wed, 22-Mar-2023 17:32:40 GMT
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://avtozavod.do.am/stat/541494509?11
push.services.mozilla.com/
54.148.153.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.153.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rkpeQgeEOdz7/xsBQDw4Sg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1+eIPpQi1GFsBg/fpvwGXPrKEG4=
s72.ucoz.net/adv/dummy/000/css/style.css
193.109.246.72200 OK 1.6 kB URL HTTP/1.1 s72.ucoz.net/adv/dummy/000/css/style.css
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
Hash 50406c447ccad47ca9e5d53eff612ffb
16e3921585135a87a1066689c9c67a312d96c92d
01a0732bba96fb38be885a1d233fecf52e32c7e07e48cd05f6f07a3690ea304c
GET /adv/dummy/000/css/style.css HTTP/1.1
Host: s72.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5c9a36fd-19eb"
Content-Encoding: gzip
avtozavod.do.am/stat/541494509?11
193.109.246.72200 OK 396 B URL HTTP/1.1 avtozavod.do.am/stat/541494509?11
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 87a, 88 x 31\012- data
Hash 3dcfe08d239ab0bf1a931ade5fa7060c
f70a6a7c913c73af70f7838747a2173124520d44
2b0689da9debc4c9100942e75a3d9df8660703b1daaae5258dd55fb91f96e1a6
Analyzer Verdict Alert fortinet Malware
GET /stat/541494509?11 HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avtozavod.do.am/
Connection: keep-alive
Cookie: 8avtozavoducnid=pAB1z4djbO; 8avtozavodpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:30 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: ucvid=LFpXG0UTwX; path=/; expires=Thu, 21-Mar-2024 17:32:30 GMT
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 54275fe1af7434956da2bea7652111be
8fbbd9cc21e2195ca694ad4d17213938559ddc00
64b41d27ff40a09cea11b4d553a46974586619645839db11b4f138cd7d842018
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64B41D27FF40A09CEA11B4D553A46974586619645839DB11B4F138CD7D842018"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2545
Expires: Wed, 22 Mar 2023 18:14:54 GMT
Date: Wed, 22 Mar 2023 17:32:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 54275fe1af7434956da2bea7652111be
8fbbd9cc21e2195ca694ad4d17213938559ddc00
64b41d27ff40a09cea11b4d553a46974586619645839db11b4f138cd7d842018
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64B41D27FF40A09CEA11B4D553A46974586619645839DB11B4F138CD7D842018"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2545
Expires: Wed, 22 Mar 2023 18:14:54 GMT
Date: Wed, 22 Mar 2023 17:32:29 GMT
Connection: keep-alive
s72.ucoz.net/adv/dummy/000/img/ucoz-logo.png
193.109.246.72200 OK 4.6 kB URL HTTP/1.1 s72.ucoz.net/adv/dummy/000/img/ucoz-logo.png
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 14d37a3409afc2c450c62b97bc8019da
43fc12bf16a292d6d10b17ab7d1e37785288858c
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2
GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1
Host: s72.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:31 GMT
Content-Type: image/png
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fd-11e9"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09dd5dd28f42b31904109772bd58ee03
ef033934e1f35f87eae5a316dc308f77732a87b4
efc2fec90554e5ed02a6a2628afa13af40be818511c09d003202a216fd74314a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFC2FEC90554E5ED02A6A2628AFA13AF40BE818511C09D003202A216FD74314A"
Last-Modified: Tue, 21 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21588
Expires: Wed, 22 Mar 2023 23:32:17 GMT
Date: Wed, 22 Mar 2023 17:32:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f2d9058a696bc3684e9116b15fef251b
8915ec6b4396539cdb639cb5abf1dd9a9762650c
886cd009bfce7f31c36e479c5fb443d8ae66bcd0a736043317c77ccb81809210
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rot.spotsniper.ru/?src=ujs6
31.172.81.158200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6 HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
rot.spotsniper.ru/?src=ujs6&s_subid=btn
31.172.81.158200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6&s_subid=btn
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6&s_subid=btn HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
216.58.207.193200 OK 60 kB URL HTTP/2 themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
IP 216.58.207.193:0
File type Web Open Font Format, TrueType, length 60332, version 1.1\012- data
Hash 0d6d6ae28614efe13ec053eaeef473c1
20cd1c419ba0763bb4bbb1435bc0aed00452af2e
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1
GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://avtozavod.do.am
Connection: keep-alive
Referer: https://s72.ucoz.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 60332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 16:08:58 GMT
expires: Fri, 15 Mar 2024 16:08:58 GMT
cache-control: public, max-age=31536000
age: 523411
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: font/woff
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ru.leonbets.com/img/banners/125x125_ru_promo.gif
69.172.201.202404 Not Found 579 B URL HTTP/2 ru.leonbets.com/img/banners/125x125_ru_promo.gif
IP 69.172.201.202:0
Hash 8695dabb65604f5d218946e44c539f88
0fb00c3a5098f6e1352c82630994df513477fd98
8134178854d8a1fa050a696524922bec256cd2c1f2d49d9267a4c0682a7380fd
GET /img/banners/125x125_ru_promo.gif HTTP/1.1
Host: ru.leonbets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 22 Mar 2023 17:32:29 GMT
content-type: text/html
content-encoding: gzip
x-dis-request-id: 782e46863555feabf5ea5a9fb4881bdc
server: DOSarrest
X-Firefox-Spdy: h2
s72.ucoz.net/adv/dummy/000/img/bg.gif
193.109.246.72200 OK 1.3 kB URL HTTP/1.1 s72.ucoz.net/adv/dummy/000/img/bg.gif
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 485 x 3\012- data
Hash b19967d808ed7c42b41316d6c8474f55
18d80748bd4041b13a3373a429281ec65347a0e2
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50
GET /adv/dummy/000/img/bg.gif HTTP/1.1
Host: s72.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s72.ucoz.net/adv/dummy/000/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:31 GMT
Content-Type: image/gif
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fd-4f4"
Accept-Ranges: bytes
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 1df84ff78b6d3160f52a4d36e56585b8
a49b2be9c7d9bdc031c9abfcd9fad95c028def9c
b5d2feee57db87e477576c1fed8d86d7e2d8eca72f80a131460beeba25523bfb
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 26 Mar 2023 14:23:49 GMT
ETag: "a49b2be9c7d9bdc031c9abfcd9fad95c028def9c"
Last-Modified: Wed, 22 Mar 2023 14:23:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 151
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac02c9e6f29b512-OSL
counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//avtozavod.do.am/;s1280*1024*24;uhttps%3A//avtozavod.do.am/%3Fjw1R3OAeY3lnNjdsH%255Ehh%255EyaSs7w9l%253BFhD%255ExiwN97Ij4bBx9TJwX7y455iR28LSOpNAS9uu%253BLcmjpkyHKGLF%253BKgoo;1679506355745
88.212.202.52200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//avtozavod.do.am/;s1280*1024*24;uhttps%3A//avtozavod.do.am/%3Fjw1R3OAeY3lnNjdsH%255Ehh%255EyaSs7w9l%253BFhD%255ExiwN97Ij4bBx9TJwX7y455iR28LSOpNAS9uu%253BLcmjpkyHKGLF%253BKgoo;1679506355745
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoz_topline_worldwide?rhttps%3A//avtozavod.do.am/;s1280*1024*24;uhttps%3A//avtozavod.do.am/%3Fjw1R3OAeY3lnNjdsH%255Ehh%255EyaSs7w9l%253BFhD%255ExiwN97Ij4bBx9TJwX7y455iR28LSOpNAS9uu%253BLcmjpkyHKGLF%253BKgoo;1679506355745 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 21 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506355183
88.212.202.52200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506355183
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoznet?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506355183 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 21 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit?t57.2;r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;0.797560016987395
88.212.202.52200 OK 686 B URL HTTP/1.1 counter.yadro.ru/hit?t57.2;r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;0.797560016987395
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 88 x 31\012- data
Hash 30fec52beac1ffdf47fe6f3365b387bb
79cd0ba34ffa64078716d988d896521536da0844
3d9a6b363f4bc5d5475a5e9d1b034959872d1c71b24facc2f17282bd49f0b9b3
GET /hit?t57.2;r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;0.797560016987395 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: image/gif
Content-Length: 686
Connection: keep-alive
Expires: Mon, 21 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0086fc6b6b52670b2d7ca51fc65d8d44
1d906db50d0373e0e3e1e85031de970218264f4d
24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506355462
88.212.202.52200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506355462
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;clickgate08?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506355462 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 21 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506355183
88.212.202.52200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506355183
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506355183 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 22 Mar 2023 17:32:29 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 21 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
avtozavod.do.am/favicon.ico
193.109.246.72200 OK 894 B URL HTTP/1.1 avtozavod.do.am/favicon.ico
IP 193.109.246.72:0
ASN #204343 Compubyte Limited
File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Hash 8f59a5b19a42b9eda4066b09368aecaa
c71f844319843dc5f9384b4658695e19724963c9
a2f3709322554b0a1d45e57e7f17f1629799bcfa215d4f0b9f7c21b639d75e82
GET /favicon.ico HTTP/1.1
Host: avtozavod.do.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Cookie: 8avtozavodpushi=1; ucvid=LFpXG0UTwX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 17:32:31 GMT
Content-Type: image/x-icon
Content-Length: 894
Last-Modified: Wed, 07 Oct 2009 13:12:19 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4acc93b3-37e"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0086fc6b6b52670b2d7ca51fc65d8d44
1d906db50d0373e0e3e1e85031de970218264f4d
24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1c9f9ec28c59b78cc7a1c2436666e111
2d36a165149a4205701b91897cef3a883b23fe20
c3a70e923e216d03c6f7dc7f16d8acfad3a002a4ab622fafcd25b12395dcb2bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3A70E923E216D03C6F7DC7F16D8ACFAD3A002A4AB622FAFCD25B12395DCB2BC"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6735
Expires: Wed, 22 Mar 2023 19:24:45 GMT
Date: Wed, 22 Mar 2023 17:32:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8a237b3ec23da41b2cdefc39b643691f
322b5b2a4fb99140ac53a94058d34a4806133519
4d88ec2ff0cf38948e56dabbd03130bb35850d89921fe80e242e762fedde2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9446303f24a6e8e8d138867549399aa2
410a03d7475ec879b8e346f1706aea491e3f1da5
f7d7017ca9dbdf1822739e9baa6f34868504e6ce0d827aeeef82517c5db72960
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=avtozavod.do.am
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=avtozavod.do.am
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=avtozavod.do.am HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 22 Mar 2023 17:32:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=avtozavod.do.am
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=avtozavod.do.am
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=avtozavod.do.am HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 22 Mar 2023 17:32:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8a237b3ec23da41b2cdefc39b643691f
322b5b2a4fb99140ac53a94058d34a4806133519
4d88ec2ff0cf38948e56dabbd03130bb35850d89921fe80e242e762fedde2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3225671567133129&output=html&h=200&slotname=3909764803&adk=3117301398&adf=1132894088&pi=t.ma~as.3909764803&w=200&lmt=1289137834&url=https%3A%2F%2Favtozavod.do.am%2F&wgl=1&dt=1679506355376&bpp=29&bdt=468&idt=656&shv=r20230320&mjsv=m202303150101&ptt=5&saldr=sa&abxe=1&correlator=5950740168624&frm=20&pv=2&ga_vid=2014763584.1679506356&ga_sid=1679506356&ga_hid=912841782&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=194&ady=635&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759837%2C31071267&oid=2&pvsid=294480540739226&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MQqgHPyinl&p=https%3A//avtozavod.do.am&dtd=807
216.58.207.194400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3225671567133129&output=html&h=200&slotname=3909764803&adk=3117301398&adf=1132894088&pi=t.ma~as.3909764803&w=200&lmt=1289137834&url=https%3A%2F%2Favtozavod.do.am%2F&wgl=1&dt=1679506355376&bpp=29&bdt=468&idt=656&shv=r20230320&mjsv=m202303150101&ptt=5&saldr=sa&abxe=1&correlator=5950740168624&frm=20&pv=2&ga_vid=2014763584.1679506356&ga_sid=1679506356&ga_hid=912841782&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=194&ady=635&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759837%2C31071267&oid=2&pvsid=294480540739226&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MQqgHPyinl&p=https%3A//avtozavod.do.am&dtd=807
IP 216.58.207.194:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-3225671567133129&output=html&h=200&slotname=3909764803&adk=3117301398&adf=1132894088&pi=t.ma~as.3909764803&w=200&lmt=1289137834&url=https%3A%2F%2Favtozavod.do.am%2F&wgl=1&dt=1679506355376&bpp=29&bdt=468&idt=656&shv=r20230320&mjsv=m202303150101&ptt=5&saldr=sa&abxe=1&correlator=5950740168624&frm=20&pv=2&ga_vid=2014763584.1679506356&ga_sid=1679506356&ga_hid=912841782&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=194&ady=635&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777877%2C44759837%2C31071267&oid=2&pvsid=294480540739226&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MQqgHPyinl&p=https%3A//avtozavod.do.am&dtd=807 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 22 Mar 2023 17:32:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 22-Mar-2023 17:47:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 53c77f4eac44f53913d68abe7c9896d4
27b4242556156f2eaa06ff21ecb364865a50b8d9
15db303474e740477045393c0c00b8d64807d711d65e672e7263427263df6045
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.mediaboom.site/?ce=gi4tqn3fmu5ha3ddf4ztmmjr
103.224.182.208302 Found 0 B URL HTTP/1.1 ct.mediaboom.site/?ce=gi4tqn3fmu5ha3ddf4ztmmjr
IP 103.224.182.208:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?ce=gi4tqn3fmu5ha3ddf4ztmmjr HTTP/1.1
Host: ct.mediaboom.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Wed, 22 Mar 2023 17:32:30 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1679506350.4513569; expires=Sat, 19-Mar-2033 17:32:30 GMT; Max-Age=315360000
location: http://ww25.ct.mediaboom.site/?ce=gi4tqn3fmu5ha3ddf4ztmmjr&subid1=20230323-0432-30c9-96d2-9dbee5fd7291
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
partner.googleadservices.com/gampad/cookie.js?domain=avtozavod.do.am&callback=_gfp_s_&client=ca-pub-3225671567133129
142.250.74.34200 OK 247 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=avtozavod.do.am&callback=_gfp_s_&client=ca-pub-3225671567133129
IP 142.250.74.34:0
File type ASCII text, with very long lines (377), with no line terminators
Hash 1a8187ca4a9a8c89a8d7257b25d84e3f
5358a1bc01d09d94c68f4c5598460266b6413167
2825885ca8c134b60ff9442dc0d9e79849aabd4ede132e9d5b1b9c68bc56d33d
GET /gampad/cookie.js?domain=avtozavod.do.am&callback=_gfp_s_&client=ca-pub-3225671567133129 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 22 Mar 2023 17:32:30 GMT
server: cafe
cache-control: private
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 53c77f4eac44f53913d68abe7c9896d4
27b4242556156f2eaa06ff21ecb364865a50b8d9
15db303474e740477045393c0c00b8d64807d711d65e672e7263427263df6045
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c33c89e76415c5940d5d1971f1e2198e
178db9b151d4dee35b27710ceb1f3cc7827f7753
0e5ca2a08544e0947afca36bd46d3b60bc2b9489088e26832ec8612f1abaa667
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 17:32:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.225200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.225:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 22 Mar 2023 17:32:30 GMT
expires: Wed, 22 Mar 2023 17:32:30 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.207.225200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 216.58.207.225:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 12:38:17 GMT
expires: Thu, 21 Mar 2024 12:38:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 17653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15196
Expires: Wed, 22 Mar 2023 21:45:46 GMT
Date: Wed, 22 Mar 2023 17:32:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5307
Expires: Wed, 22 Mar 2023 19:00:57 GMT
Date: Wed, 22 Mar 2023 17:32:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5307
Expires: Wed, 22 Mar 2023 19:00:57 GMT
Date: Wed, 22 Mar 2023 17:32:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15196
Expires: Wed, 22 Mar 2023 21:45:46 GMT
Date: Wed, 22 Mar 2023 17:32:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5307
Expires: Wed, 22 Mar 2023 19:00:57 GMT
Date: Wed, 22 Mar 2023 17:32:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hqGFdT1Sk0IcvaNqfvjz5RsGBK-qMBcNKbK9FyZ7OoiH30hDL9ekxA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 22:09:39 GMT
age: 69771
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412bd6aea60211324e649d7d920601d2
a813976bda850a584b5ab94d9a70bfe0da69aca0
d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: akl7ASh6hPewrlTjOxORbQRIcBbIHLM9JQgMexhgsiPqc1OarfnPHw==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:47:59 GMT
age: 71071
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bad98da-6135-4f42-b2ae-18c876c9d5b5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bad98da-6135-4f42-b2ae-18c876c9d5b5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10b246700a68864e2e13eb3a2362a2ab
5aa62479325a9cb5e70e4c9b8423880a7e39272a
f8e4416ac4d95566b93f4e875033af06178f95787819086eead9620f72fe680e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bad98da-6135-4f42-b2ae-18c876c9d5b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9954
x-amzn-requestid: d768546f-e640-4cdb-a089-3bb4e93a8237
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqOpFFkoAMFZNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23f7-3fbd266a6c23aaa26ce8df54;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:39:03 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 1cygBrmAdFw7JGzw1iLe3_vTocGJd7xgLUSpAXyWsUFU70WM_fwteA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 9825a45e2b387a61504c0c3df20048ee.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:44:20 GMT
age: 71290
etag: "5aa62479325a9cb5e70e4c9b8423880a7e39272a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2062cf7a271d4ac7a04c0a746d443e07
3343851f2128c5f1fe4302c2aa53e8ce1fb661ac
e479263c1742d2597cf8948ef059b0bc97dbb97f47bb5cafee3d4af12069d2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 87aba2e6-d7e8-4456-a12f-e05ac556b839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqJhGnXIAMF1yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23d6-2b6c3d62366f47f506ce8415;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 0o5WYZHvY_8BBGYe5Nc8R4wywGaEn5C71XI7vc_ScMv7GixtP9LyTw==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 22:01:15 GMT
age: 70275
etag: "3343851f2128c5f1fe4302c2aa53e8ce1fb661ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: dd5a8417-ddd5-469d-aa84-e880f4b84464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHqKFGRsoAMFTGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6419570d-3f28a7502b56eda47dd82ba7;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 07:04:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: FQwexS3AfCYYOg7T9MYj2AbSoYTII1t-c-aX4SzlwEsj0LgBWv5Now==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 06:23:16 GMT
age: 40154
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aeb0d8069d746e467fecd886c0e42628
8229b537f84a7418dc67e30691e62db4cea67f0f
24705dc5b7eefd79a35323beee7c741aa041c3bf55801d13b4ffc2b202e6a394
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8037
x-amzn-requestid: 7a9f7bb5-d810-4831-b5d2-3eead1af864a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJprcGY1IAMFSAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-53cdee4b645ed18e1dfeb92c;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QW8T5AGg_L1mT4fE8IHeBG9TSiGpbBJpZE2yZdBtAQMJCPV8OKK5Dw==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:47:59 GMT
etag: "8229b537f84a7418dc67e30691e62db4cea67f0f"
content-type: image/jpeg
age: 71071
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506358184
88.212.202.52200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506358184
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//avtozavod.do.am/;1679506358184 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtozavod.do.am/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 22 Mar 2023 17:32:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 21 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400