sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login.php
185.178.208.151301 Moved Permanently 568 B URL HTTP/1.1 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login.php
IP 185.178.208.151:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1
GET /login.php HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Wed, 29 Mar 2023 23:41:47 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login.php
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8280
Expires: Thu, 30 Mar 2023 01:59:47 GMT
Date: Wed, 29 Mar 2023 23:41:47 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10438
Expires: Thu, 30 Mar 2023 02:35:45 GMT
Date: Wed, 29 Mar 2023 23:41:47 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4327
Expires: Thu, 30 Mar 2023 00:53:54 GMT
Date: Wed, 29 Mar 2023 23:41:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 23:16:00 GMT
content-type: application/json
age: 1547
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KOWfJSBzKgRZpmShjqrJkW4m2IX7PLK7wOUXNT3FLHcwfxIJWuwv9pKlhrILivstpjNXp5nBJjE=
x-amz-request-id: T6ZZZN1KAYCE4Y4G
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 23:02:41 GMT
age: 2346
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 23:41:47 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d27c30671a80e09a1711d94eaede2a50
59cc4ad091f3aa778ba8b9beb86399d9483b4acd
fbda30bd8a94d1b30321ed5145ae3a5f839f5b9c40f39b012bfdea79af349f1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBDA30BD8A94D1B30321ED5145AE3A5F839F5B9C40F39B012BFDEA79AF349F1F"
Last-Modified: Wed, 29 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 30 Mar 2023 05:41:47 GMT
Date: Wed, 29 Mar 2023 23:41:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 23:17:26 GMT
age: 1462
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 782ca4845ea5e0ec981e33231b1e61cb
032116b75e124c57877524e9e4f523b6d7c65820
94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10779
Expires: Thu, 30 Mar 2023 02:41:27 GMT
Date: Wed, 29 Mar 2023 23:41:48 GMT
Connection: keep-alive
push.services.mozilla.com/
44.230.86.143101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.230.86.143:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b78tOSWHqWtzc9t++lJYuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9DovnG1HIDs4TYuvjkW1yzveybQ=
r3.o.lencr.org/
95.101.11.115200 OK 1.4 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 959fa48c94da55545c3e028caa28c3cb
b507658ee6149683af7909ee0923121c3ed80603
5d5a98766df56b91958efdec103712e68c429848355cb5cf52b38c9656b1a6e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9596
Expires: Thu, 30 Mar 2023 02:21:45 GMT
Date: Wed, 29 Mar 2023 23:41:49 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 796 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c05fb1c676ba8c50f82ea299ff47c580
c96156a5b346d17f458cb0775e85c8fbf0240e06
eb5951af9f73a0e80af0e345362238bda9f09bb63c5ea3964558dbeeb48cd8eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9596
Expires: Thu, 30 Mar 2023 02:21:45 GMT
Date: Wed, 29 Mar 2023 23:41:49 GMT
Connection: keep-alive
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/theme/css/main.css?1678229463
185.178.208.151200 OK 59 kB URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/theme/css/main.css?1678229463
IP 185.178.208.151:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d1ffc6720bd957aed7c65a7b3d881863
d2b1b7dedb46cc63acd1e772d2b43571d1db9024
6268097c676b3265d45dccda48913bd025194130bee1b0d980e4017c9f8d7304
GET /cp/theme/css/main.css?1678229463 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:48 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 07 Mar 2023 22:51:03 GMT
etag: W/"6407bfd7-56a48"
content-encoding: br
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda18d5e-b73e-4202-b1f8-d36a10bc29f6.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda18d5e-b73e-4202-b1f8-d36a10bc29f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8de7c61ab5f849628db707ae7587904
f040cba140c3510c5e6fc0ae1e56505c3749d525
492ea40ba548983fcd3bc41a1e29b6337e4e4e83b1248dcccf82cc1e7e22df88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda18d5e-b73e-4202-b1f8-d36a10bc29f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6975
x-amzn-requestid: bd3a35e2-22bc-4b5d-8c46-74f21205e512
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA4qHKCoAMFR4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae9d-7f1dd1175a4580f75a614254;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Q39PWwkZfIyNwmE_PBk86LfcqDKgLlbLsU2ewpLgeCv9hehTL9Gvsw==
via: 1.1 8731d2a1a7d15f67b588bf58f652f9f0.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
etag: "f040cba140c3510c5e6fc0ae1e56505c3749d525"
content-type: image/jpeg
age: 7019
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758b58b-ff2a-473e-8cfd-34364d9c0309.webp
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758b58b-ff2a-473e-8cfd-34364d9c0309.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25d5cc0ad63b812b700df54509f24838
580d2b5972de021332b7b3aeb66f0422b65cf3a3
6f75fdbc2b3885c313e6155dfc78479a12989341b71b8be9315755567b6b57ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758b58b-ff2a-473e-8cfd-34364d9c0309.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7377
x-amzn-requestid: 4473029d-2422-4a34-b459-4827015c363d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA6JHnjIAMF-5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424aea7-4ca5ea2b6548696d68058f8f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:27 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: IQvziHq67goTG3BZ3DjTTKLTMem2KKW_aDdqfPNsHMTFAIP6oTlizQ==
via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
etag: "580d2b5972de021332b7b3aeb66f0422b65cf3a3"
content-type: image/jpeg
age: 7019
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880692f5-03f5-4540-ad20-5c8bd8336833.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880692f5-03f5-4540-ad20-5c8bd8336833.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3261e7e3ac917fa959fcf8648c3ab98
bb4ef5a29187d75c97ef3f7a5672ccb009791561
4070b831a379ae1ed187a03b479460842cb2ece90d77c30fc6fc4517bc76f3b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880692f5-03f5-4540-ad20-5c8bd8336833.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8560
x-amzn-requestid: 5f1fbb58-48aa-430f-a132-0e7057e159c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CewdRFeIoAMF-uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64229454-40f85a155c9e623374d21bb8;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 07:16:36 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nyhw0gOUkvg7zzOBejYRXvDhs-rf8IRF9xFxeMWZYCX_iNq_JA8d4A==
via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 07:36:07 GMT
age: 57942
etag: "bb4ef5a29187d75c97ef3f7a5672ccb009791561"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3697d60-af19-4bfb-9d00-0a88b42c7092.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3697d60-af19-4bfb-9d00-0a88b42c7092.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6119f1997cb5d1f4e61ddeeedae7a35f
13e9881bc79a5c361211430b0ba20eab32b3dbef
f38d53a870575f53855e00b6cb5422ffbf7a2210ccff25fc837c6a71b0d528b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3697d60-af19-4bfb-9d00-0a88b42c7092.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9030
x-amzn-requestid: 5e98c214-3229-484f-911f-ca61e9a6ada3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cew9OHDgoAMFqxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64229521-0014bec92bd97c080a5015fd;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 07:20:01 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: iKE8kCq1U3EIAGIg4aerYZ6j0MeCjGzp9G_7aExDq23hzJtxZVg05A==
via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 07:28:58 GMT
age: 58371
etag: "13e9881bc79a5c361211430b0ba20eab32b3dbef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2021c271f9290204bd14cd2a3a1680fc
39b68cbcaba381d63dc67bc289fb67c849adb9ff
a84c5dd1e52d7cd535e04cb455891a1442000eb0e4381031c976b4cf3be96f2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4549
x-amzn-requestid: 70e07309-5fc5-4307-b455-29a187eae0d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoBHFFoAMFx5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afcc-298f18fd0cf0b37465a74c13;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: kbG1Llnn0Elhz5ItoJyufkUgoB5FhmvLpk2oQox2HPnSHeBfCOuXXw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
age: 7019
etag: "39b68cbcaba381d63dc67bc289fb67c849adb9ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/javascript/externals/require.js?1676277804
185.178.208.151200 OK 12 kB URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/javascript/externals/require.js?1676277804
IP 185.178.208.151:0
File type ASCII text, with very long lines (17560)
Hash 927b9d41651498bc4ffb372a463eb77d
5dd11399890673baf42d5c0b25c639b122591e33
b37261faff338245f56b8441f907a8a6ce43701248d6a0404ed6a5a2bebaceaf
GET /cp/javascript/externals/require.js?1676277804 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:49 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Feb 2023 08:43:24 GMT
etag: W/"63e9f82c-4562"
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd
185.178.208.151200 OK 62 kB URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd
IP 185.178.208.151:0
File type Web Open Font Format (Version 2), TrueType, length 61548, version 1.0\012- data
Hash e9681ca3d29d814a5621d4764dd1a11e
bbda68459fc0531b915bdf9e524ecc8f782db0aa
51f0bacf9e49a400a5a2947ef6b14127ef3241b0760d97721e0aedd7add66456
GET /ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/plesk-ui-library.css?1676285500
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:50 GMT
content-type: font/woff2
content-length: 61548
last-modified: Mon, 13 Feb 2023 10:51:40 GMT
etag: "63ea163c-f06c"
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5
185.178.208.151200 OK 60 kB URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5
IP 185.178.208.151:0
File type Web Open Font Format (Version 2), TrueType, length 59600, version 1.0\012- data
Hash e78dce533ecee30c5efd812bb23c248d
87d988c2f0343952ccded7c17b000e33db6f3d15
03e2544599e5a06566b2579f82ac6e445b724435fccb1f3e8988e58f45b1fc5e
GET /ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/plesk-ui-library.css?1676285500
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:50 GMT
content-type: font/woff2
content-length: 59600
last-modified: Mon, 13 Feb 2023 10:51:40 GMT
etag: "63ea163c-e8d0"
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/images/apple-touch-icon.png?1676291193
185.178.208.151200 OK 4.5 kB URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/images/apple-touch-icon.png?1676291193
IP 185.178.208.151:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash ebbd61fb584cc8ae62ffa726070c952f
7aefbffc866e859207b23f736faeac97f51414e6
b23ec702f16e22329aa8d8a74cede38c886e609acd467517a004439cbbb1da1c
GET /images/apple-touch-icon.png?1676291193 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:50 GMT
content-type: image/png
content-length: 4528
last-modified: Mon, 13 Feb 2023 12:26:33 GMT
etag: "63ea2c79-11b0"
accept-ranges: bytes
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/plesk-ui-library.css?1676285500
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/plesk-ui-library.css?1676285500
IP 185.178.208.151:0
GET /ui-library/plesk-ui-library.css?1676285500 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:49 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 13 Feb 2023 10:51:40 GMT
etag: W/"63ea163c-2ceab"
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/plesk-ui-library.min.js?1676285500
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/plesk-ui-library.min.js?1676285500
IP 185.178.208.151:0
GET /ui-library/plesk-ui-library.min.js?1676285500 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:49 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Feb 2023 10:51:40 GMT
etag: W/"63ea163c-76860"
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/modules/letsencrypt/global.css?1678324627
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/modules/letsencrypt/global.css?1678324627
IP 185.178.208.151:0
GET /modules/letsencrypt/global.css?1678324627 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:48 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 09 Mar 2023 01:17:07 GMT
etag: W/"64093393-2a4"
content-encoding: br
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login.php
185.178.208.151303 See Other 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login.php
IP 185.178.208.151:0
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1
GET /login.php HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; Domain=.girisimajbet.com; HttpOnly; Path=/; Expires=Thu, 28-Mar-2024 23:41:47 GMT
date: Wed, 29 Mar 2023 23:41:48 GMT
content-type: text/html; charset=utf-8
expires: Fri, 28 May 1999 00:00:00 GMT
last-modified: Wed, 29 Mar 2023 23:41:48 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
location: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
IP 185.178.208.151:0
GET /login_up.php HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:48 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
expires: Fri, 28 May 1999 00:00:00 GMT
last-modified: Wed, 29 Mar 2023 23:41:48 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U; path=/; secure; HttpOnly
content-encoding: br
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/javascript/externals/prototype.js?1676277804
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/javascript/externals/prototype.js?1676277804
IP 185.178.208.151:0
GET /cp/javascript/externals/prototype.js?1676277804 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Feb 2023 08:43:24 GMT
etag: W/"63e9f82c-17b8d"
content-encoding: br
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/javascript/main.js?1680126663
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/javascript/main.js?1680126663
IP 185.178.208.151:0
GET /cp/javascript/main.js?1680126663 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:49 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 29 Mar 2023 21:51:03 GMT
etag: W/"6424b2c7-9b024"
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/modules/social-login/styles/main.css
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/modules/social-login/styles/main.css
IP 185.178.208.151:0
GET /modules/social-login/styles/main.css HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:50 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 01 Mar 2023 01:38:59 GMT
etag: W/"63feacb3-7f4"
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/modules/notifier/global.js?1676080268
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/modules/notifier/global.js?1676080268
IP 185.178.208.151:0
GET /modules/notifier/global.js?1676080268 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:49 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 11 Feb 2023 01:51:08 GMT
etag: W/"63e6f48c-3aa5"
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/images/symbols.svg?282a024a3dd7555a41ef6815c5fb72e4
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/ui-library/images/symbols.svg?282a024a3dd7555a41ef6815c5fb72e4
IP 185.178.208.151:0
GET /ui-library/images/symbols.svg?282a024a3dd7555a41ef6815c5fb72e4 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:50 GMT
content-type: image/svg+xml
last-modified: Mon, 13 Feb 2023 10:51:40 GMT
etag: W/"63ea163c-3faaf"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/images/favicon.svg?1676291193
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/images/favicon.svg?1676291193
IP 185.178.208.151:0
GET /images/favicon.svg?1676291193 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:50 GMT
content-type: image/svg+xml
last-modified: Mon, 13 Feb 2023 12:26:33 GMT
etag: W/"63ea2c79-27a"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/modules/OsSav/global.css?1680126664
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/modules/OsSav/global.css?1680126664
IP 185.178.208.151:0
GET /modules/OsSav/global.css?1680126664 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:49 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 29 Mar 2023 21:51:04 GMT
etag: W/"6424b2c8-34"
content-encoding: br
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/theme/images/logos/plesk/logo.svg
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/theme/images/logos/plesk/logo.svg
IP 185.178.208.151:0
GET /cp/theme/images/logos/plesk/logo.svg HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:50 GMT
content-type: image/svg+xml
last-modified: Mon, 13 Feb 2023 08:43:24 GMT
etag: W/"63e9f82c-aa8"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/javascript/vendors.js?1676277804
185.178.208.151200 OK 0 B URL HTTP/2 sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/cp/javascript/vendors.js?1676277804
IP 185.178.208.151:0
GET /cp/javascript/vendors.js?1676277804 HTTP/1.1
Host: sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sberbank.avito.sber.avito.avito.avito.covid19.girisimajbet.com/login_up.php
Cookie: __ddg1_=uQJPHrtGVjjkbHLEcKT6; plesk-ext-social-login-jwt-session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJwbGVzayIsImlhdCI6MTY4MDEzMzMwOCwiZGF0YSI6eyJzdGF0ZS1nb29nbGUiOiJTa1NxaDNWb2djdFNQYWJcL2RTd1ZwK1E4UjUyZ1wvNmxnUDFMOVhrSDd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdvb2dsZSIsInN0YXRlLWdpdGh1YiI6Ik1YMVVyT3owQk8yZ2Uyb2VXVFY0SCtZU0hDVTVUU2RKU3Z5QkpOSHd8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGdpdGh1YiIsInN0YXRlLWZhY2Vib29rIjoiRkw0c3JTRmxDUmRRMDJ4YTUrSDB1MXpFUk5cLzBvNnFmR0RSSUVmcGZ8cmVkaXJlY3QtcGxlc2s9aHR0cHMlM0ElMkYlMkZzYmVyYmFuay5hdml0by5zYmVyLmF2aXRvLmF2aXRvLmF2aXRvLmNvdmlkMTkuZ2lyaXNpbWFqYmV0LmNvbSUyRm1vZHVsZXMlMkZzb2NpYWwtbG9naW4lMkZwdWJsaWMlMkZsb2dpbi5waHAlM0Zwcm92aWRlciUzRGZhY2Vib29rIn19.MOu8gagX_alfJYzBdmMrszsIRdQnFt7PH8_iC1x5c2U
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 29 Mar 2023 23:41:49 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Feb 2023 08:43:24 GMT
etag: W/"63e9f82c-173bc4"
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2