Overview

URL student-auto.ru/.well-known/2021/usps/verification/
IP82.202.170.188
ASNJSC IOT
Location Russia
Report completed2022-10-04 15:41:15 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 student-auto.ru/.well-known/2021/usps/verification/ Phishing
2022-10-04 2 student-auto.ru/.well-known/2021/usps/verification/ Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/jquery.validate.js Phishing
2022-10-04 2 student-auto.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.8 Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/sticky/jquery.sticky.js Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/jquery.nanoscroller.min.js Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/main.js Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/jquery.maskedinput.min.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS student-auto.ru (19) 0 2017-09-16 18:09:36 UTC 2022-08-22 00:46:33 UTC 82.202.170.188 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-10-04 11:55:48 UTC 142.250.74.10
mnemonic passive DNS fonts.gstatic.com (7) 0 2014-08-29 13:43:22 UTC 2022-10-04 09:46:16 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS api-maps.yandex.ru (5) 32678 2012-11-01 07:04:10 UTC 2022-10-04 14:43:44 UTC 87.250.251.134
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 15:06:58 UTC 143.204.55.27
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 15:17:25 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 35.155.157.101
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS mc.yandex.ru (3) 2672 2017-01-29 05:34:36 UTC 2022-10-04 08:04:40 UTC 77.88.21.119
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.35
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-10-04 04:22:54 UTC 104.18.20.226
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-04 04:24:58 UTC 69.16.175.42
mnemonic passive DNS yastatic.net (1) 72282 2014-03-11 07:15:28 UTC 2022-10-04 07:53:10 UTC 178.154.131.217


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 82.202.170.188

Date UQ / IDS / BL URL IP
2022-10-04 16:36:27 +0000
0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verification 82.202.170.188
2022-10-04 15:41:15 +0000
0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verific (...) 82.202.170.188
2022-10-04 15:34:56 +0000
0 - 0 - 8 student-auto.ru/.well-known/2021/usps/ 82.202.170.188

Last 5 reports on ASN: JSC IOT

Date UQ / IDS / BL URL IP
2022-12-02 12:25:24 +0000
0 - 0 - 2 188.120.229.5/boot/u927/ApiDefaultdownloads.p (...) 188.120.229.5
2022-12-02 12:25:26 +0000
0 - 0 - 2 188.120.229.5/boot/u927/ApiDefaultdownloads.p (...) 188.120.229.5
2022-12-02 11:51:05 +0000
0 - 0 - 14 bitrix.proschet.com/ 82.146.51.141
2022-12-02 09:00:02 +0000
0 - 0 - 1 dynamicyield.org/ 185.253.33.37
2022-12-01 23:59:07 +0000
0 - 0 - 2 62.109.15.166/jspacket.php?vv8T07=SSQW1jKHtQ4 (...) 62.109.15.166

Last 3 reports on domain: student-auto.ru

Date UQ / IDS / BL URL IP
2022-10-04 16:36:27 +0000
0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verification 82.202.170.188
2022-10-04 15:41:15 +0000
0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verific (...) 82.202.170.188
2022-10-04 15:34:56 +0000
0 - 0 - 8 student-auto.ru/.well-known/2021/usps/ 82.202.170.188

Last 2 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-04 16:36:27 +0000
0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verification 82.202.170.188
2022-10-04 15:34:56 +0000
0 - 0 - 8 student-auto.ru/.well-known/2021/usps/ 82.202.170.188


JavaScript

Executed Scripts (13)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (68)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 14:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 18E5MymMisFhTBCyuS6kCCIXEsO_BNdioXyPO4wxblGVuZGxlG7U_A==
Age: 3239


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5096
Expires: Tue, 04 Oct 2022 17:05:59 GMT
Date: Tue, 04 Oct 2022 15:41:03 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NYgjIgopM8yWEoc3DpRAS2i5s9sP9HrkmmuXnVtNn2EDZSgo6x8mNQ==
age: 36756
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /.well-known/2021/usps/verification/ HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         82.202.170.188
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=bQY7NxJdAWVGdZjhXxWk; Domain=.student-auto.ru; HttpOnly; Path=/; Expires=Wed, 04-Oct-2023 15:41:03 GMT
Date: Tue, 04 Oct 2022 15:41:04 GMT
Location: https://student-auto.ru:443/.well-known/2021/usps/verification/
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   121
Md5:    b9b2183103bbc58fcf323861a4effb44
Sha1:   93af58744932728c97ca6bebaf09d4e653856165
Sha256: 3ffbaf6e91e058df86a5440f1fbe9a1579e5bcd9c7d00f839e51c90d9f1f91ba

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 15:41:04 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7434F6FF9117893493ED968C9C3B39D454A13A738AA73EEC76A94B33571D558D"
Last-Modified: Tue, 04 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Tue, 04 Oct 2022 21:40:44 GMT
Date: Tue, 04 Oct 2022 15:41:04 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 15:29:33 GMT
Expires: Tue, 04 Oct 2022 16:18:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hPWMxYDikseKTOV08rM9S2WQKWjoIlK_v6L1tNNHq7Kb8KEkUFYZAg==
Age: 691


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3102
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 15:41:04 GMT
Last-Modified: Tue, 04 Oct 2022 14:49:22 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FOBPW06iJ4enKmrLWO/OeQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.155.157.101
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g/B70htf46Z1kmItGZY3WjTVqNM=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5573
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 15:41:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5573
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 15:41:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5573
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 15:41:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5573
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 15:41:06 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 64606
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 64591
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10878
x-amzn-requestid: a849d918-ec40-47d4-93cb-e938b010bd50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpJKGAPIAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556d-242a8d2208b6574c34063c1f;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7ZaoEBhn_F_zDvoalcEpb4PtdGMuU9stAktSCviy5SsaaBaxYUJ6Fg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 64606
etag: "d893d8035379e06e53e365b9f47f5da40bff932b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10878
Md5:    f62719b24a32198c6f462a0a0412ac98
Sha1:   d893d8035379e06e53e365b9f47f5da40bff932b
Sha256: ca863affca1559e92e415a4de2e78e4b4c1ec4cf8e8549693499c6f79bd27975
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 64606
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 64593
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 39495
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /wp-content/themes/univer/img/stud_auto_big.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Sun, 02 Oct 2022 13:35:26 GMT
content-length: 14603
last-modified: Mon, 03 Jun 2019 08:03:08 GMT
etag: "5cf4d43c-390b"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 180340
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 208 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size:   14603
Md5:    6c860a8405994a117340b86e71f99077
Sha1:   34019a821bb7ee0efb2251e3fb2ee6036a104f4e
Sha256: c81f74a906e537f5859f244aea9880aac7b5e362cd4d0ec346fae1f9bd871a50
                                        
                                            GET /.well-known/2021/usps/verification/ HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         82.202.170.188
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: ddos-guard
set-cookie: __ddg1_=UafMXoh2UopuBR6bTqI5; Domain=.student-auto.ru; HttpOnly; Path=/; Expires=Wed, 04-Oct-2023 15:41:04 GMT
date: Tue, 04 Oct 2022 15:41:06 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://student-auto.ru/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (574), with CRLF, LF line terminators
Size:   31221
Md5:    5497c4552f2554cbaf269f960689b8c4
Sha1:   36ff6039bbadfbdbbf9d26c5e6578f74ab1a4759
Sha256: f14d0eaf65cf59eea9f94e398ce17032c072e7c4494e3d0331a6963ae91da98f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /jquery-2.2.4.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 15:41:06 GMT
content-encoding: gzip
content-length: 29811
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664898066.dop224.sk1.t,1664898066.cds071.sk1.hn,1664898066.cds214.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29811
Md5:    82885772205f23cd59e25a221521b059
Sha1:   96ed36f45544295f28df1ab251e7e38faceeff0e
Sha256: 8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
                                        
                                            GET /wp-content/themes/univer/img/logo_sechenov_small.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Sun, 02 Oct 2022 13:35:27 GMT
content-length: 9481
last-modified: Wed, 21 Jun 2017 13:16:42 GMT
etag: "594a71ba-2509"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 180339
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 61 x 59, 8-bit/color RGBA, non-interlaced\012- data
Size:   9481
Md5:    2bd02e3291f87f3c90e00b436306462b
Sha1:   3b670e2ae09bef2d52bc42c52900c2574019a2f5
Sha256: 5d9ace044c626bfe8d303f17054015e5e8cb2b85ff8cd6ab304afe2d95bde8f2
                                        
                                            GET /wp-content/themes/univer/img/icon_modal.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:34 GMT
content-length: 10174
last-modified: Fri, 30 Jun 2017 06:13:34 GMT
etag: "5955ec0e-27be"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 11552
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 208 x 208, 8-bit/color RGBA, non-interlaced\012- data
Size:   10174
Md5:    fad2abb237c6fcf8936b0983bc1abdcb
Sha1:   fc0ed0b01dedd8a4aecd6330b750f06bfb712704
Sha256: ddd8dd99f54c3cc6d2fa1f7a5393ec08e3ac0ad67e24138cde3e5d6d544cbb70
                                        
                                            GET /wp-content/themes/univer/img/stud_auto_small.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Sun, 02 Oct 2022 13:35:26 GMT
content-length: 24663
last-modified: Mon, 14 Aug 2017 12:17:18 GMT
etag: "599194ce-6057"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 180340
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 117 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size:   24663
Md5:    29a1e7dff8dc56698b2d0b091bd99393
Sha1:   07c2c42cf9345ece66d13a73d909ba2cbd0b1a5a
Sha256: fe7dcb1282c5e06dddcb2fcc04ed272283a1b18a6690ac62fe917cb56fe1fa5c
                                        
                                            GET /wp-content/themes/univer/img/man.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:34 GMT
content-length: 111193
last-modified: Fri, 01 Sep 2017 14:28:12 GMT
etag: "59a96e7c-1b259"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 11552
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 334, 8-bit/color RGBA, non-interlaced\012- data
Size:   111193
Md5:    2e4f9e95bff9d4dde7710d3d127532b6
Sha1:   2fcc04a551a485f19aeabcf3ea7c5d707999ae95
Sha256: 306a6efe655c3b8ee84f5937e2fa5264ad9cb6966508a2c580820349da8ed756
                                        
                                            GET /css?family=Open+Sans:400,700&subset=cyrillic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 15:41:06 GMT
date: Tue, 04 Oct 2022 15:41:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2071
Md5:    221c373c0bfb240c2a7e35a45a5a5503
Sha1:   78bb8d90e51a578ac23bff90e0d228d421c329f8
Sha256: 0154e8a8e5a052983d9d4e4202cad2c76f8e21c1f54d5684ae33c556652d752f
                                        
                                            GET /css?family=Raleway:400,500,600,700,800 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 15:41:06 GMT
date: Tue, 04 Oct 2022 15:41:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1067
Md5:    28bfbc698fd928494806e1d27b26ae20
Sha1:   9c5b86bde671a3b6d44025496a88bce07ea4b3bd
Sha256: b1782690ff18df38ca0689a6c3db459efc2664a74493473b428cd2ebd85c3bb5
                                        
                                            GET /wp-content/themes/univer/img/header_bg2.jpg HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/wp-content/themes/univer/css/style.css
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:34 GMT
content-length: 80649
last-modified: Fri, 01 Sep 2017 13:52:00 GMT
etag: "59a96600-13b09"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 11552
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x525, components 3\012- data
Size:   80649
Md5:    8fe198a3ebdc953381aec43a79d92a82
Sha1:   ae2f9ce885034ac724fe3adcbfec04738e210949
Sha256: d37d069129e29c0bbaba8e9e20e1b10f960f50b011451ad4dd20cba361fff77f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Roboto:400,500,700,900&subset=cyrillic-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 15:41:06 GMT
date: Tue, 04 Oct 2022 15:41:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   27414
Md5:    9cdc8c5270dd3c9fcd5ba15e50a775b0
Sha1:   b6d2f212384e3252fb0bbbdaaffc5e3502788202
Sha256: 849ef9044ab5d1974d69a483e3c8edf694c23b608393962c9d208f57c886dd25
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:41 GMT
expires: Thu, 28 Sep 2023 19:34:41 GMT
cache-control: public, max-age=31536000
age: 504385
last-modified: Wed, 11 May 2022 19:24:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Size:   9644
Md5:    6f112ec2b932ee12379442c42853244e
Sha1:   b2e73c8c70d6261e1d187f41693c43ac4fe0809d
Sha256: 6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
                                        
                                            GET /wp-content/themes/univer/img/step_0.jpg HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:34 GMT
content-length: 169050
last-modified: Thu, 30 May 2019 08:24:53 GMT
etag: "5cef9355-2945a"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 11552
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x346, components 3\012- data
Size:   169050
Md5:    e729120f9f37ab2adadb4bf9ac9836b8
Sha1:   e82861a268705a7afe4255a01fbbd3676a8e3c3e
Sha256: 53c85a8c92f0e3c4b5a05ab02c59f8968421e740e389ca370c1ff95fb3a3cae5
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:40:23 GMT
expires: Thu, 28 Sep 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 504043
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size:   15752
Md5:    b20371a6daf29d4a1f2e85dbbf40fb20
Sha1:   0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
Sha256: 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:40:43 GMT
expires: Thu, 28 Sep 2023 19:40:43 GMT
cache-control: public, max-age=31536000
age: 504023
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9700, version 1.0\012- data
Size:   9700
Md5:    164a322c3a8ec10a523be51659d36c73
Sha1:   2696ce42bd39262a6bec468649a124ef388c0784
Sha256: 9fdb12ceee3a402d3a54afe354552459dd3950e9c6dece06288e4cc0a7a7c060
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 223766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /wp-content/themes/univer/js/jquery.validate.js HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 15:41:06 GMT
last-modified: Thu, 29 Jun 2017 10:32:34 GMT
etag: W/"5954d742-5a5d"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (22930)
Size:   17126
Md5:    dd66ce32cd5b074df235c96762c2ca13
Sha1:   ccd74f2dd0d07e57301a7080f880d06275432916
Sha256: 1da3357ce7e4908b666260b1aadfda138a8268d8a243a47c63c171e1e16557ed

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/raleway/v28/1Ptug8zYS_SKggPNyCkIT5lu.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 22:29:33 GMT
expires: Tue, 03 Oct 2023 22:29:33 GMT
cache-control: public, max-age=31536000
age: 61893
last-modified: Mon, 18 Jul 2022 19:41:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 25640, version 1.0\012- data
Size:   25640
Md5:    a76940a6dbf58b7014bdaa4211cd384b
Sha1:   90407725b851547b0a63e863d8880f6a531f425f
Sha256: 3aaa08d1c1434c3dd80f3ae7b73884fd1570ddc777b9bc2beaeeb1648373cffd
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:19:49 GMT
expires: Fri, 29 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 465677
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size:   9628
Md5:    d9ac47c7e500fb7083b8d595eaf6fe12
Sha1:   112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
Sha256: 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.8 HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 15:41:06 GMT
last-modified: Thu, 29 Jun 2017 12:57:50 GMT
etag: W/"5954f94e-341e"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   49998
Md5:    25053af471c7106f857c27f6733528a9
Sha1:   2a050da6730d740c77ef25d76dfbeae3b13d068a
Sha256: 66eb28ec71328090516ff44d2db78c76f637a3e6b871ead058abafbadcc1426e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/univer/js/sticky/jquery.sticky.js HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 15:41:06 GMT
last-modified: Thu, 06 Apr 2017 14:22:14 GMT
etag: W/"58e64f16-2765"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   18282
Md5:    4e048b734ff376273421f9da0bf8fc13
Sha1:   cbfe3a414e443b0290d408603d273038ae01984f
Sha256: ef804161943084342ea6fb0bed745d04cf4227724ab5eb41608faa4970d73a1b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 504418
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:06 GMT
Content-Length: 938
Connection: keep-alive
Expires: Sat, 08 Oct 2022 13:31:06 GMT
ETag: "c53198c4219b6cdcc81892d19bf8065115b29033"
Last-Modified: Tue, 04 Oct 2022 13:31:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1974
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754f05164a70b51b-OSL

                                        
                                            GET /wp-content/uploads/2017/08/cropped-stud_auto_big-192x192.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:35 GMT
content-length: 36030
last-modified: Mon, 14 Aug 2017 12:26:19 GMT
etag: "599196eb-8cbe"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 11552
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   36030
Md5:    32d016c0f7b57f83c7fa4bee35765f81
Sha1:   92ebe9318d20744c94872b5afaa9e36cf4d1037e
Sha256: 39c4f1e352edfffaebd39b7a177136ef9e188b75002a1b7c67ecad5b8e3867e1
                                        
                                            GET /wp-content/uploads/2017/08/cropped-stud_auto_big-32x32.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Mon, 03 Oct 2022 10:47:55 GMT
content-length: 2444
last-modified: Mon, 14 Aug 2017 12:26:20 GMT
etag: "599196ec-98c"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 103992
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   2444
Md5:    6dbf20ae97dc5453120e7e00ae08fbd1
Sha1:   d0962c66633869e60de3a16dcc616428d4c2343f
Sha256: 0e96d01c46341d51e68b69766d97656b3addaee8cc65e08c4967b178d9528cb4
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:41:07 GMT
Content-Length: 939
Connection: keep-alive
Expires: Sat, 08 Oct 2022 13:21:27 GMT
ETag: "3427073e58bc6b528edad4aa2b8116365a1175c2"
Last-Modified: Tue, 04 Oct 2022 13:21:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2771
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754f05172b8fb51b-OSL

                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 72341
date: Tue, 04 Oct 2022 15:41:07 GMT
access-control-allow-origin: *
etag: "633be002-11a95"
expires: Tue, 04 Oct 2022 16:41:07 GMT
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Size:   72341
Md5:    7a68c8644032413981e4ba5bc0d66c4a
Sha1:   2d46ca8055e8577ae7138140e34a6e633434973c
Sha256: e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Tue, 04 Oct 2022 15:41:07 GMT
access-control-allow-origin: *
etag: "633be002-2b"
expires: Tue, 04 Oct 2022 16:41:07 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /2.1.79/build/release/images/cursor/grab.cur HTTP/1.1 
Host: api-maps.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.134
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 326
date: Tue, 04 Oct 2022 15:41:07 GMT
access-control-allow-origin: *
set-cookie: _yasc=MICCHj6o3dtYeQZY0SyjN1vO5tbZsX9FZWTDihBXpqrUSA==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 15:41:07 GMT; secure i=laZtgVJlnMAjeYCOUqnxfCTDfO1kxthKwVR5v31gfoi4Tkeh1pkV9zyGXoioIpjGw67wM1Pq7F+EuXaaKxyWQToANVQ=; Expires=Thu, 03-Oct-2024 15:41:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
etag: "633c0ef5-146"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows cursor resource - 1 icon, 32x32, hotspot @15x15\012- data
Size:   326
Md5:    ef50ac9e93aaebe3299791c79f277f8e
Sha1:   fbd667e863c8278950e7761aee54b394cd93ea0c
Sha256: 13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
                                        
                                            GET /2.1.79/build/release/images/cursor/zoom_in.cur HTTP/1.1 
Host: api-maps.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.134
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 326
date: Tue, 04 Oct 2022 15:41:07 GMT
access-control-allow-origin: *
set-cookie: _yasc=2JIv8QvqkBCZNo4H4YjX8RcStyD98u+BWsKBXhWqqXrwKw==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 15:41:07 GMT; secure i=a5jupL7e1YFllOFwQuuv1M3OGZotrf2V8589H142uQCQ8wruHD56CcCj8kiGn1EKihYVHyvV4VdKMeklcsUOu45qOAs=; Expires=Thu, 03-Oct-2024 15:41:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
etag: "633c0ef5-146"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @6x6\012- data
Size:   326
Md5:    77492cf358d8b12629399322926c93f2
Sha1:   8291ac3dad4e4f33183ccdfad7b92b1594c760f9
Sha256: eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
                                        
                                            GET /2.1.79/build/release/images/cursor/grabbing.cur HTTP/1.1 
Host: api-maps.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.134
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 326
date: Tue, 04 Oct 2022 15:41:07 GMT
access-control-allow-origin: *
set-cookie: _yasc=Ly7lljTJm/rj0dxMnuAw7sZScd3cS/+yR3HvsONzyJt11g==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 15:41:07 GMT; secure i=mOcSo804/LusrWds0+VRYBhRZJoqrO6OEN/wBWENLuAxghMyKQoxRpDZNYAO8fldBNrlTbkO4NrPTgkV86T8TzmfT8Q=; Expires=Thu, 03-Oct-2024 15:41:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
etag: "633c0ef5-146"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows cursor resource - 1 icon, 32x32, hotspot @15x15\012- data
Size:   326
Md5:    3ce22e999d54bb9ca8150a59207f9d3e
Sha1:   f30d68405751e730ca94ada8628df45b4839931f
Sha256: a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
                                        
                                            GET /2.1.79/build/release/images/cursor/help.cur HTTP/1.1 
Host: api-maps.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.134
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 326
date: Tue, 04 Oct 2022 15:41:07 GMT
access-control-allow-origin: *
set-cookie: _yasc=1aS/vHqq/o5MBay8MKTQrb0NeafiSqLsv+TrKJgfBQQdrA==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 15:41:07 GMT; secure i=ldrPyJogD+w1AjhG5YYEGSxKaf5jYty4zCE37BSyGcFgBkObwrKe9m2+DoHRxlhqodaJXqY06MiJQhFeIsLSntV8B4g=; Expires=Thu, 03-Oct-2024 15:41:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
etag: "633c0ef5-146"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 2 colors\012- data
Size:   326
Md5:    4965b66fe115b2f2ed500ece66514d86
Sha1:   32074b76fca8a0382b474c1b9555d6742b274986
Sha256: 128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
                                        
                                            GET /watch/54247729?wmode=7&page-url=https%3A%2F%2Fstudent-auto.ru%2F.well-known%2F2021%2Fusps%2Fverification%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3171%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A226672406615%3Ahid%3A928996671%3Az%3A0%3Ai%3A20221004154106%3Aet%3A1664898067%3Ac%3A1%3Arn%3A468405207%3Arqn%3A1%3Au%3A166489806770496557%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C224%2C2124%2C0%2C498%2C0%2C%2C398%2C12%2C%2C%2C%2C3260%3Ans%3A1664898063040%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664898067%3At%3A%D0%92%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B0%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20-%20%D0%A1%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B0%D0%B2%D1%82%D0%BE%D1%88%D0%BA%D0%BE%D0%BB%D0%B0&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 302 Found
                                        
location: /watch/54247729/1?wmode=7&page-url=https%3A%2F%2Fstudent-auto.ru%2F.well-known%2F2021%2Fusps%2Fverification%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3171%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A226672406615%3Ahid%3A928996671%3Az%3A0%3Ai%3A20221004154106%3Aet%3A1664898067%3Ac%3A1%3Arn%3A468405207%3Arqn%3A1%3Au%3A166489806770496557%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C224%2C2124%2C0%2C498%2C0%2C%2C398%2C12%2C%2C%2C%2C3260%3Ans%3A1664898063040%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664898067%3At%3A%D0%92%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B0%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20-%20%D0%A1%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B0%D0%B2%D1%82%D0%BE%D1%88%D0%BA%D0%BE%D0%BB%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 04 Oct 2022 15:41:07 GMT
access-control-allow-origin: https://student-auto.ru
set-cookie: yandexuid=1118641781664898067; Expires=Wed, 04-Oct-2023 15:41:07 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=1118641781664898067; Expires=Wed, 04-Oct-2023 15:41:07 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=2051389121664898067; Path=/; SameSite=None; Secure i=khdR2V2N1H9/zYorHeqBbb3eEj0ld3CmVcEbcgyDtzB90KhUw01OumGJiZMP2wzTIXwR3oHGhQUnrJGRCUy1SnXRK0I=; Expires=Fri, 01-Oct-2032 15:41:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1696434067.yrts.1664898067#1696434067.yrtsi.1664898067; Expires=Wed, 04-Oct-2023 15:41:07 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 15:41:07 GMT
last-modified: Tue, 04-Oct-2022 15:41:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size:   407
Md5:    fb86b613a9dc9a6f5dbf74c5febb46e4
Sha1:   dc70a997fe7c6c2554caf9c5256135e6a4129cc5
Sha256: 2222dbecc6f27013dd691027f7efff1a909af2ba616ff11685b9e14bf1dec800
                                        
                                            GET /wp-content/themes/univer/js/jquery.nanoscroller.min.js HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 15:41:06 GMT
last-modified: Mon, 19 Sep 2016 10:52:12 GMT
etag: W/"57dfc35c-289c"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/univer/css/reset.css HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: text/css
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 15:41:06 GMT
last-modified: Sat, 17 Sep 2016 05:59:24 GMT
etag: W/"57dcdbbc-a18"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/themes/univer/css/style.css HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: text/css
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 15:41:06 GMT
last-modified: Mon, 03 Jun 2019 08:20:47 GMT
etag: W/"5cf4d85f-1006c"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-43/build/release/full-12d3b6ea37df4ec19ca51b92a0651e126f59c33e.js HTTP/1.1 
Host: yastatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.154.131.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx/1.17.9
date: Tue, 04 Oct 2022 15:41:06 GMT
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"96bcd9e39ca569a8c8c0482bcfc0f578"
expires: Wed, 04 Oct 2023 21:29:26 GMT
last-modified: Tue, 04 Oct 2022 10:45:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 6da577525b85dc35
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/themes/univer/js/main.js HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 15:41:06 GMT
last-modified: Mon, 03 Jun 2019 08:09:56 GMT
etag: W/"5cf4d5d4-100a"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /2.1/?lang=ru_RU&ver=4.8 HTTP/1.1 
Host: api-maps.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         87.250.251.134
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
timing-allow-origin: *
content-disposition: attachment; filename=json.txt
vary: Accept-Encoding, Origin
date: Tue, 04 Oct 2022 15:41:06 GMT
access-control-allow-origin: *
x-content-type-options: nosniff, nosniff
set-cookie: _yasc=B0asvWysJ3bNng9HMoiE+NDuU0+OJ9Nq6NlEA70cxziiaw==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 15:41:06 GMT; secure i=Bz+MEyYuN3uRG8CwVtOu9smKAPV8S7fGw7ciexMudO+au0lfpIxeU0nYTjSb6DnJOBifxBphkKb5PYNDKcOpv+jrEQY=; Expires=Thu, 03-Oct-2024 15:41:06 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
x-xss-protection: 1; mode=block
x-lighttpd-locale: ru_RU
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/themes/univer/js/jquery.maskedinput.min.js HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification/
Cookie: __ddg1_=UafMXoh2UopuBR6bTqI5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 15:41:06 GMT
last-modified: Thu, 29 Jun 2017 09:55:40 GMT
etag: W/"5954ce9c-10d9"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing