www.gorod62.com/faq.php?page=5
104.21.8.83200 OK 8.5 kB URL HTTP/1.1 www.gorod62.com/faq.php?page=5
IP 104.21.8.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (721)
Hash 564e104223f769dbbf3a07f4782d61bf
269383a7fb1a9c6b9ac8131f5566ba4c106d3c53
0d38da11f964c5812892961c301257535a7eeb685902b16a13c2df316a870c8b
GET /faq.php?page=5 HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 17 Oct 2022 05:17:58 GMT
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA5J9bVLv%2BuhT9Spswu7Au29CUVlIAUZrKkuxpA6UhMmSMiAzVYhMTImSbkd8cxswU1KW%2Fg8RaVlch3vVYLypjgjxwxe751EO3RD1f%2FLcltfnTbI%2FDnWRFWCpo4Nxhxub5s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4cddb5eb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11347
Expires: Fri, 09 Dec 2022 13:20:29 GMT
Date: Fri, 09 Dec 2022 10:11:22 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2223
Expires: Fri, 09 Dec 2022 10:48:25 GMT
Date: Fri, 09 Dec 2022 10:11:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 10:08:18 GMT
content-type: application/json
age: 184
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21160
Expires: Fri, 09 Dec 2022 16:04:02 GMT
Date: Fri, 09 Dec 2022 10:11:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VESoXBl4/Mi2zuXFjogSKYjNyWuXlNT+Ydb2dGQ14shOiAEgkIa3V06LcWo6FkRJ1kT3ApbE3A77ST8l3YFdLA==
x-amz-request-id: PYQAN1TFVT3PS3RB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 09:50:12 GMT
age: 1270
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 10:11:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.gorod62.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.8.83200 OK 655 B URL HTTP/1.1 www.gorod62.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.8.83:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 17:55:37 GMT
ETag: W/"638a3c19-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0V%2FOxOmnEIh8LaH4jSyDxewje9fFXMOSlg32UiU%2BqqWstRPrL4NlPqJjWtVRCFEEtqNO8E1Qe6BqPlr7gumCvf0apQ5YMBScV7FcaO4lHdWTCqAHUb8vY4VvazCn1c8Rms%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d08e1fb4f9-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 11 Dec 2022 10:11:22 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.gorod62.com/design/css/bootstrap-responsive.css
104.21.8.83200 OK 2.4 kB URL HTTP/1.1 www.gorod62.com/design/css/bootstrap-responsive.css
IP 104.21.8.83:0
Hash bc5ee5474ab04e85b61d7f6e1a39df2d
7fa7db0e3c5bbb507d44c351e9449e87a9f41973
cd03656d26e234668589b0d495d68ddfe2afd2f412b3de5602dccd5e1d09bb63
GET /design/css/bootstrap-responsive.css HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:29 GMT
Vary: Accept-Encoding
ETag: W/"634ce785-2a67"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HsGztAHwqX%2F3QwlCMbHZSv5JpKCKf4VUweaCz60bwiL0rFRstSKqJrutd2pQmpg5RgCmLvaCaMj9TDaAaVBqx75NylBp9Z7UNP8wPOXhK87x9%2Bj6wmMv7X0cYvAecfH8sc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d05de2b503-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/css/bootstrap.css
104.21.8.83200 OK 13 kB URL HTTP/1.1 www.gorod62.com/design/css/bootstrap.css
IP 104.21.8.83:0
Hash 0e5b031beca582a70228e7a4861bee48
29e0751d11fb902b6706fbc25d51f44b911df80f
41773036e39cec46bf861afac9166ccab4037bcc69c3bd287d05834e307fad4e
GET /design/css/bootstrap.css HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:29 GMT
Vary: Accept-Encoding
ETag: W/"634ce785-13f66"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9NuClrssy%2F3kaOVSOi2Cpr%2FEPsfqWTJd7NGRZQD4Zvzgt%2FSdtL3uil%2BoBxzos%2Bw1a4cZfpM1tTDmwjCGXI15t5iW5jLa6CZ8S%2FMG4oW9xofWp5WJmMzkn%2ByrqyZg9FRueg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d04e98b524-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/css/css.css
104.21.8.83200 OK 486 B URL HTTP/1.1 www.gorod62.com/design/css/css.css
IP 104.21.8.83:0
Hash 836897a2c4e36a0be143e257e4060ce2
67e60937e1518a601d438b5ba832055c002cc6bd
139f3588a54e224cbb2aaac4bea1ab99fc4202db94a656603c0c46e7449fb0b4
GET /design/css/css.css HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:30 GMT
Vary: Accept-Encoding
ETag: W/"634ce786-34b"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kP%2FNZIGxg36oUrN7b2mdiHhvKNBfXMr2KU4XBjBkWOSDm759CDRKx6KfGF51Nf7z38anKcT2Tz3bRXgG2EKtaqWHELgp7do0o25N24Con9b9T72yF2329OctttpDrq1N10s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d0590a0b02-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/faq/style.css
104.21.8.83200 OK 777 B URL HTTP/1.1 www.gorod62.com/faq/style.css
IP 104.21.8.83:0
Hash 7b9eedc44cc0f4188e17fee57b6b96e6
9e5b7a1ab8d4798f692df088ec250734e8b62440
428e640e0d85f5a5247e36fdf7108c06b0fe711bd39fbc4bf4a63ac22210504a
GET /faq/style.css HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:24:15 GMT
Vary: Accept-Encoding
ETag: W/"634ce6ff-ac1"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFCOGtiQiRP0mIszLi0Yyae3QrzwBZ4zTYSOTBdyJ8s5BhOOD0SRmOhPN3qy0NX9ZJ9xwkDHwAnQLZ%2BGLNOeEj63pzxUV1qFKpmR7r8Q0pgPQ0m%2B6hUUyPegPBErGSW16QM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d08fd7b4f1-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gorod62.com/design/js/bootstrap-transition.js
104.21.8.83200 OK 1.2 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-transition.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash 046c1db2c168175f543276c5599a7218
a22a36ed75e84dc82b1c879f0c9aa4827210283c
821a616fba30ff7cb9e414144c1783e9395f0239c62103387d4139846d4768dc
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-transition.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:36 GMT
Vary: Accept-Encoding
ETag: W/"634ce78c-b86"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GCUg8kLw2z4cM3YHY8ELL36rKCncmUZXzOIyehrCmNbbNjsnt0MFXMb5Vgq%2FZQ2stbwZA0Sv6sxR0G0PfU%2B1Ufv%2BEgKhk8Dz1FutEv3jbL5FRjXaBc3i7RTZzdRGfHvr9c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d09e27b4f9-OSL
alt-svc: h2=":443"; ma=60
pagead2.googlesyndication.com/pagead/show_ads.js
216.58.211.2200 OK 34 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/show_ads.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (3577)
Hash c6352135ecc689a60f089d7465fdfd5d
ef7183c6378be58f073df78244f3e55a554a2217
f1262a98e89ed27197f099e5a344288036ac937e757129aedad4f7b423cba888
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Dec 2022 10:11:22 GMT
expires: Fri, 09 Dec 2022 10:11:22 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14428782132018350942
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 34142
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gorod62.com/design/js/jquery.js
104.21.8.83200 OK 74 kB URL HTTP/1.1 www.gorod62.com/design/js/jquery.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash 1656e8a5f2eb34e8736ba7d41f2209b0
c68846feb64aacdca9a0feec7297126179e9435e
a2ee22365bb767409fa8ce491408829e78315fce42ace6624d008ea299f17f35
Analyzer Verdict Alert fortinet Malware
GET /design/js/jquery.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:37 GMT
Vary: Accept-Encoding
ETag: W/"634ce78d-3cc49"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=od5PSC00Dt3ocyb5cs1tbxARokK5xgWDZZ3Clj2J9DxMnmcKhNg3gz8arwwEXOI88RNncQwoQE2lkbaJRvKM3zq4lBRN7biO9QcxiXmDp9GTNXo7yctU%2F2kZPSgEzrpwEPI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d05dfcb4ed-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-alert.js
104.21.8.83200 OK 1.4 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-alert.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash 92995c7d1dfdda2ec8c5617833dfbe00
7cdfcab37cc281160018c92ba74ae499eceab333
3b7e6e122f9f71c2d144bd0cd8fc43e9131f1314d80add686e9f7434331f1a42
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-alert.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:34 GMT
Vary: Accept-Encoding
ETag: W/"634ce78a-d9d"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nABSSzmXOnx%2BelWGZwzsmTWccfsas5IpwJn4RUSONjrMA43pwGg6RiTfaM1RdxU5drQpPruaqFiJOaFgayTWDzDFpCaWudxqf7o0S0NPnONW5MCVYtoDoehwwv%2F1kHP66dw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d12ef8b503-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-scrollspy.js
104.21.8.83200 OK 1.8 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-scrollspy.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash e2f1790ad711bdd560be89e365a4d59a
6c5ab36da4e2b80b1e040ae34985bd9c13770b18
5fd821f36451def32f0bdd885b117b745e687422725362df50526a025698f494
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-scrollspy.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:35 GMT
Vary: Accept-Encoding
ETag: W/"634ce78b-1284"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4XmM8oBEWKaCwmueoccp9fm8PXHL58pL6SC4CrHLbpdS6V0zrBXx9bIdEEQ9zJUB0%2Fe5FV4cPQvWlWSDo45M9sO8DtfOUGz0afoq%2BzXx5AlNoHThGmd3aprbs%2FMqeAQbTs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d138aab4f1-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-modal.js
104.21.8.83200 OK 2.2 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-modal.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash b29f17f9f0a04b8d9222301c1e993b8c
deeb4603e750e430e3013bcb9c25f9f8488e33aa
99ec59457b2066e4016d142386a4fc65228a3f04572c8c8560fdde87c8aeffd1
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-modal.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:35 GMT
Vary: Accept-Encoding
ETag: W/"634ce78b-19a1"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lq5WS9vh09AnyVcpWvuWRaNsxXHjy7wr8W7YKMrDaQulVZPRm8sr9NE7XP3FMJgcevHskqa%2FNCWCyPEPbJYn5E8hc8765%2F%2BNTAA85f%2BoQN2MjFuOm3t37ZEuMcXQZ4WTRjI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d12fccb524-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-tab.js
104.21.8.83200 OK 1.7 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-tab.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash d235a9445a3ea19d41da36240190a5cc
da0a4acb495e5e5da605ccf0e7a28a6f7c49f155
ea254f45d0230c8eb797761e4a823fc6500797d952ee114b6d331d0ba7a60d68
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-tab.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:36 GMT
Vary: Accept-Encoding
ETag: W/"634ce78c-1120"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixy9GE9Rym9gwoP55tXYlN7bxxf9QuGfcUdzLmudcCPtUIRY20VNeZupn%2BjHshtp43EcCT%2BGxZrytj0RSYK3hujw6hzrbYJRbdF%2BfIbep6vqbEZKi5PZ11NWGVhLF0TJCPM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d16f02b4f9-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-dropdown.js
104.21.8.83200 OK 1.5 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-dropdown.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash a2e73eed43f0bd3e55d6479fc68b44d1
dd7baa95f74aa436054a25e95f6606793d0ea024
659379b15f7bc7800660b04e091e744d5ece8b5a3b9baa01ebdf5bc5368e9259
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-dropdown.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:35 GMT
Vary: Accept-Encoding
ETag: W/"634ce78b-e2a"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vh12dxjrK%2F4w9vUo9iocMPmyqr7WuO8xORcY3gESeZuYcPBaRyhyIIJROE9ZO%2FBPULpHCUu2J5ZgIVjLN3OSd%2BmPekxAZjKe6WOvtgNebeV39QaJpxn8wS%2BldFHGwH5OOCk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d129a80b02-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-button.js
104.21.8.83200 OK 1.6 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-button.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash 72a6b077288f94dd818500428f2f0bf3
10863d22de9253ff87d39a23977b0c94706a0695
5a76acda1ed2883853a1a293c968ab90bce1e2ac807684807e9c479382b9acce
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-button.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:34 GMT
Vary: Accept-Encoding
ETag: W/"634ce78a-edf"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf4XO374GyXfVcefQeKkFh5Emqsg84sq%2FEMrbsQ2bnUPFz0WXTZMcUD3G1VAHJHY26GGou0L1kgysVkMlE5aZnm1H4p4iuzI4cRNIC7bmTzJRuzbGS81fEvHq%2BHsWAGC2co%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d1e996b4f1-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-popover.js
104.21.8.83200 OK 1.6 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-popover.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash 909d88dc5b9a88de1eb5e359aa4c9b1f
7765f60c78a0557a227ca40aef38bac20a4833ff
365e73d5d4068d664529a0426982ed5aa6b929d03f5a18f60221e83077df32e8
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-popover.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:35 GMT
Vary: Accept-Encoding
ETag: W/"634ce78b-f60"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGdSpFw12c1q6UHBwbzhCB6aA8k8KloTiOri1ULeo7Utn2WLt52MhzTsRjc8nEhb%2FvhmRSQsCwOev3IaVFfH3HdYLg54oL65JNak%2Br1rynerDbqBcX8Bq%2BAhVkGLXM6FF9Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d1e829b503-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-tooltip.js
104.21.8.83200 OK 2.6 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-tooltip.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash e2614d3a7488d59f0e3d7f6239c69177
2a5773b0ec2512f61f92e1231d097d400ee2fe76
f281c99ebadc75d323aa1f055bcae476bf76a160c719454ce126dd808420670e
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-tooltip.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:36 GMT
Vary: Accept-Encoding
ETag: W/"634ce78c-20f5"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJJKLGh2KOMmA%2FkYejvm0Vy26%2BX%2F1PtA6vS6r94uG58NEvFWHvcPgiiOBLkoGiFpHmcJt4ykOVj%2BSO9HxfKpGDyJSxTeZ55y2onwtydRLpTESkOsfTciecNG6uZm2T%2BdA%2FM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d1efaeb4ed-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-collapse.js
104.21.8.83200 OK 1.9 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-collapse.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash 636205d57d3d774a124542f55304ca2d
a247f0233c7eb01de2115bf400ca5a8d01c5a997
1c5cd1ccedc0ac5b36bb523b612f6bc3c09a17d10c1644ee3a4dc14cda14469c
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-collapse.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:34 GMT
Vary: Accept-Encoding
ETag: W/"634ce78a-1374"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlwYSoOEFhDsHiuhGwrrdrtdepPeTcCshNaFTVTB%2FTRO0isTj2hVwxDngxOFGKD2LIMu0vdKeZw%2B9lFdvg1vKtRPpPjel8BRaqvOOM1u19JnPyZ426kAIKrpFcVYkkyGgIc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d1f8e1b524-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-carousel.js
104.21.8.83200 OK 2.0 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-carousel.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash 63c8180f396d0242b964ba298840f543
2ca5cb8d49a435f9d732d0cc8b2b9fdff7b995ef
01702edcb029dfa9c5f97200d713d05dfa79d4c53293f5e4a932fe5429160668
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-carousel.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:34 GMT
Vary: Accept-Encoding
ETag: W/"634ce78a-15c9"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBdWc5LbYnihO90Vy9LX2Pz8fnybQS8vh05yV1rJePr2jxoZVvE9iRPN9rQ%2F3sX%2BtkVCgStXjgrO5Cb%2Ba9%2FPGNBFUB6KbSFrut5bT3oI4ok3IllvgN8pJXA6%2BP8T4bUWT2Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d22fe9b4f9-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/js/bootstrap-typeahead.js
104.21.8.83200 OK 2.5 kB URL HTTP/1.1 www.gorod62.com/design/js/bootstrap-typeahead.js
IP 104.21.8.83:0
File type Unicode text, UTF-8 (with BOM) text
Hash 2656130bcdec412e724c78eb3639e1c1
1245dd02d3150b51a9541d23bbb840624c95f8e7
f8272219ee5496addc50f5edb296b338aea1a0e7ff47a264a6a54cda51519772
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap-typeahead.js HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:36 GMT
Vary: Accept-Encoding
ETag: W/"634ce78c-1e5e"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdrB%2B%2BG74%2F7xEIrfs4SO7J2BahdA4ThALCvkjghhnztCi%2BODELREr7Q7L6Gdn%2Fv%2BPg2EWeDFk2ze884yulgOYrSjWvbCqbuJX3iGKiVkL2MoP99rDI6TI29EgY71bRGmsVE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d24abe0b02-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/aners/ulmart_discount.gif
104.21.8.83200 OK 7.4 kB URL HTTP/1.1 www.gorod62.com/aners/ulmart_discount.gif
IP 104.21.8.83:0
File type GIF image data, version 89a, 180 x 70\012- data
Hash 1390061100b8fa24d67b2e19fad59a04
9d307b09c2c589b0036b2e697f81bb9223c7b9e6
5886fe174097090610c18b559131a39577e286b232e843a6e272dca0291bfeff
GET /aners/ulmart_discount.gif HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/gif
Content-Length: 7448
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:24:13 GMT
ETag: "634ce6fd-1d18"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyxBwkszExBbyOJcvwMUvVgXOIo5cHTgClpclE59HA6fSlmF40fPCfB556Y3%2BnkgSJnTak8vqaMh6cfFZTG0K3FxX%2BYQ4AqqH9J05u8hGOiFj5Mx9CFYVN2uATVLhzhp%2BFg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d25a36b4f1-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/shablon/im/logo.gif
104.21.8.83200 OK 2.8 kB URL HTTP/1.1 www.gorod62.com/shablon/im/logo.gif
IP 104.21.8.83:0
File type GIF image data, version 89a, 165 x 66\012- data
Hash a69f2bc01e4a48adb800a6df3e02a205
e121e42c3b5035c1c2bc2c16e7d95e9531444e63
01bf7e996b874da7b44dd7e331dc8f11085450bcfe599b8cb4812df5c7d42821
GET /shablon/im/logo.gif HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/gif
Content-Length: 2750
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:52 GMT
ETag: "634ce79c-abe"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79J9XIVb6ls8wXFfy%2BUEx24cNHFrvRJVd%2FosCTKSUpTZrWqhGD7ZHUt20oDKXzMRSFBliuFk06JAdtCyV6EpFHfgjiQfnjS38Hqt2hDmM3s5hBgs1lPhPLmybky57XcBfLA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d2b899b4ed-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/img/glyphicons-halflings-white.png
104.21.8.83200 OK 8.2 kB URL HTTP/1.1 www.gorod62.com/design/img/glyphicons-halflings-white.png
IP 104.21.8.83:0
Hash 8a4a44b26bf2d275d188e2fd8d366021
223cbb162737dc383ee5873a3aee0197719397d2
b18ef759f75657286e760b90a202e650e9ff224d0b573a04cc2afef31a244fb5
GET /design/img/glyphicons-halflings-white.png HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/design/css/bootstrap.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/png
Content-Length: 8181
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:32 GMT
ETag: "634ce788-1ff5"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8WavKneKvtHngCBpnCzHE6cWAuKfxUMGQ2Xg7vXaoQIpd4aQGAVawL1%2FUFmlz0KKpB4CL3mlXMhIBNTlJAwgRTekDZDDpSq79tzdthmcKqVainlF%2FgEheJ2Vm%2BfOb7irWA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d2b928b503-OSL
alt-svc: h2=":443"; ma=60
975.062.ru/index.php?site=g62
62.109.24.220404 Not Found 722 B URL HTTP/1.1 975.062.ru/index.php?site=g62
IP 62.109.24.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b7e4e60cee7f52e155dac6c705a4cf7c
a8f2bd301981d43c108105e86e6237d782d4cd4c
c7894f0f53e5f8d88e108aa25ca7ce36534bcdaa65ed23d42e2b32e44ee45117
GET /index.php?site=g62 HTTP/1.1
Host: 975.062.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Mar 2021 09:07:04 GMT
ETag: W/"586-5bd3f1b6ae977"
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 10:07:59 GMT
age: 203
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gorod62.com/aners/mary_kay_180_70.gif
104.21.8.83200 OK 34 kB URL HTTP/1.1 www.gorod62.com/aners/mary_kay_180_70.gif
IP 104.21.8.83:0
File type GIF image data, version 89a, 180 x 70\012- data
Hash ddb80c94af355c0572ad3f062287ffc6
b3911aea04955d51e0114cac3930aade7351a15b
12451f95e442683df5ee02ac8bbf4f8a344206ce7fa1711bc4f5797baace45b7
GET /aners/mary_kay_180_70.gif HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/gif
Content-Length: 34008
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:24:13 GMT
ETag: "634ce6fd-84d8"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqOXN9Ob1IZXKYT%2B1pstZnkc6hMoVKzuhoPpZ3xu9EnvfT99nG5DVI64RUvlHcKiU%2BDIiHVA6T4uyaEIuTnhD1KGwhlrtzuXVq77QN%2FumlZwAqTWWUuhirlVjBOH0sflt%2BA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d2ba19b524-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/aners/vorota_180x70.jpg
104.21.8.83200 OK 36 kB URL HTTP/1.1 www.gorod62.com/aners/vorota_180x70.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2012:08:30 11:10:41], baseline, precision 8, 180x70, components 3\012- data
Hash ad824eed276c356feab83fa92b861cf9
c43d2998e6b29c1ea1a7f63ba750625c9889b734
a00c0ba7966ebbca720faff1a3c022c9231736f02579edd9f92cfbb1f60476ee
GET /aners/vorota_180x70.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/jpeg
Content-Length: 36236
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:24:13 GMT
ETag: "634ce6fd-8d8c"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2F%2F7GYC1yBeXBp%2BqPRtL9xo0ksXeUFGxugRTKSMZn7hx9pNulbE5CHYjHkx8cdiqz3Xb2Yb9%2Bsz%2BEiD591g0vt0ywhIAQPVNsf%2FimgM2whEaO7LW9e5CdCpTOggEcesJxio%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d2e8fbb4f9-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/images_t/5Ipfhc75IsoH77nZGjRvvZe0ft52Vh.jpg
104.21.8.83200 OK 4.3 kB URL HTTP/1.1 www.gorod62.com/images_t/5Ipfhc75IsoH77nZGjRvvZe0ft52Vh.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, progressive, precision 8, 160x160, components 3\012- data
Hash af35708aef39f2e44627bc92bce5e132
fd432ca014d8e971c66a3f1a5156be441b4c1879
dbfc65d00649eefcf7872fe4a5364e91b26a3c9f5ef10921dd56737f42f3475d
GET /images_t/5Ipfhc75IsoH77nZGjRvvZe0ft52Vh.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/jpeg
Content-Length: 4325
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:25:42 GMT
ETag: "634ce756-10e5"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COVcVgyVaYE%2FeF%2BlDhzd%2FxGVTAEGaWdTkFKz9dKCtnasD9a6KIEvYtIdxg%2FySRkQltvvqHj76B3nRcft1PKd0CK5zApf7Y7LzWuFPIsnUZTpGJ6xIyO3xeM8jYupOCUc2N8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d32b4db4f1-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/images_t/JR37vHZ4xShTlXthRDtSGlL0JYSegs.jpg
104.21.8.83200 OK 13 kB URL HTTP/1.1 www.gorod62.com/images_t/JR37vHZ4xShTlXthRDtSGlL0JYSegs.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, progressive, precision 8, 160x224, components 3\012- data
Hash c7dfdffb3410683d65c47fb8649578f4
da44743030efe9209c011a57b2ec1cdbaf29d64f
7f47a5a121d4036df7283fc3776571ee7b8a64c7f8ebac03c4c8821b8829744b
GET /images_t/JR37vHZ4xShTlXthRDtSGlL0JYSegs.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/jpeg
Content-Length: 13099
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:25:58 GMT
ETag: "634ce766-332b"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yrvi5nzL4lLkgi0nq9Zt9bUbDP7yN7hsn1XlErF9NDg72dS4diWcbRY8DMfJHYqKlDIwj0XfNg0uEdrnu81L7NVcm7k0jvwgI6i5bbvAiSA4G63bkCn7k8Fxi0BlwMIH1g0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d379b1b4ed-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/images_t/F3A2i4rJaUSKe8DJN7zAtSlVhZ8n6G.jpg
104.21.8.83200 OK 8.1 kB URL HTTP/1.1 www.gorod62.com/images_t/F3A2i4rJaUSKe8DJN7zAtSlVhZ8n6G.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 28x28, segment length 16, progressive, precision 8, 160x124, components 3\012- data
Hash 6ce0287e5bde3dfbaf35fd5583fb2a17
de1c9bcd62ff74c3274434fa85e983469fbef8f7
b053b9c13f028b98df0aaecee5570469557f6512df818e2f7916f5c0a1085839
GET /images_t/F3A2i4rJaUSKe8DJN7zAtSlVhZ8n6G.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/jpeg
Content-Length: 8076
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:25:51 GMT
ETag: "634ce75f-1f8c"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuMmGwW6inq3pJgkQhfMFpo6fGji7iN5GHjIav4dI0A4TZicPO4A3tw1zbKTHEzPb2xGv3qcQdanU6suBmOL62brLA9%2Bghv85ayoai0zn3VMawol3aiS77pHcVZ%2FNWswdNg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d37a38b503-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/shablon/im/net_izo.jpg
104.21.8.83200 OK 187 kB URL HTTP/1.1 www.gorod62.com/shablon/im/net_izo.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size 187 kB (187087 bytes)
Hash f09622a71a763dd323e3db54fba3ed13
659e93142dd4b0ef651b99292f02272c0ced88b4
c05786f5a6f35e675717dd3ed90eebbdbc9f1f4e564ede62dca237fb861b1a92
GET /shablon/im/net_izo.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/jpeg
Content-Length: 187087
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:52 GMT
ETag: "634ce79c-2dacf"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enf4FwpgzQSM7PEYyEGD0NskuyCFrUEezYrWqaSz7Qhyr7F2CLr18PBIvIhAi8y%2Fw3Bv8NM6%2FguGXJy3lf9INFka%2Bruul46RxKdL7Y%2FtMq8on0EUWVmpOdnW%2FgXio4RvS6I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d31b6b0b02-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/aners/galateya.jpg
104.21.8.83200 OK 10 kB URL HTTP/1.1 www.gorod62.com/aners/galateya.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 180x180, components 3\012- data
Hash e3c0e4245920715428b674bd050b06b5
23c322253df8d39000d459157033380bb3ec85a0
957301079b9af16ca09d00ef6523a9f3c6ccdd9a1474110e62f12a052fe18776
GET /aners/galateya.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/jpeg
Content-Length: 9979
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:24:13 GMT
ETag: "634ce6fd-26fb"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXsYEcPh3bzIhYzYWPHJiJgl9Vp0x09CkhA32ygVIkQnILs%2B0gprfEMrbCMAqqqWAxvAnTlJbul2F7o3pXWXTHF9YG7AzcKKK1B%2FDA9cJZOvydOPo2Sv7GG0oC350G4DBEE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d3dbd0b524-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/aners/kvartal180x140_1.gif
104.21.8.83200 OK 33 kB URL HTTP/1.1 www.gorod62.com/aners/kvartal180x140_1.gif
IP 104.21.8.83:0
File type GIF image data, version 89a, 180 x 140\012- data
Hash b332d71878374112fc9b5cf531a1242a
41d43ecdef655dedbb5c18a0f13866e3bcc33020
067fe3bbd2736a17a09f5d3dd410ae9372a0c8f8f7617c1e3c6138d49c8a5e70
GET /aners/kvartal180x140_1.gif HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:22 GMT
Content-Type: image/gif
Content-Length: 33119
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:24:13 GMT
ETag: "634ce6fd-815f"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZGnkPCk%2FOXf%2BKEowCZ8EfRVfqbmC2v4A2uK2%2B1TF8VU48iA8lqxvtZ6DI%2FqkDw4Cs3b%2FejoeqmcU93jUflrUBhUQtbMf2DHTotbsuHgNk3G11C%2F4VkazL4eKBcVK3tpTYU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d40a7eb4f9-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/images_t/11KI0xd7JMRXVIkxlujPI0apMb4m2N.jpg
104.21.8.83200 OK 4.5 kB URL HTTP/1.1 www.gorod62.com/images_t/11KI0xd7JMRXVIkxlujPI0apMb4m2N.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", progressive, precision 8, 160x94, components 3\012- data
Hash 13063f027f0f2101cd9a7095859021a7
623ab9f948db9591356586f376832d2d89cb04d1
7ebfc3942226eb18a79876f4991f0707a985ad1fdb9d1ea9856162b7d9c70f37
GET /images_t/11KI0xd7JMRXVIkxlujPI0apMb4m2N.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:23 GMT
Content-Type: image/jpeg
Content-Length: 4508
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:25:40 GMT
ETag: "634ce754-119c"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQWpaOqVb7F2tEgexdHmy7HggIkB3RuMF9AaZub5BnOTPVPoRWrxj1BMO5%2F4bqNE%2Bacw44MVTJFAqUM2D1URaWFclsdRf6%2BtI8ZYhIvyAYEJYs0EIh3w78KHDddHbDzUbqk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d45b6fb503-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/images_t/fmj9JZyMKHTBTRH536ZB4tKTHE4gfV.jpg
104.21.8.83200 OK 0 B URL HTTP/1.1 www.gorod62.com/images_t/fmj9JZyMKHTBTRH536ZB4tKTHE4gfV.jpg
IP 104.21.8.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images_t/fmj9JZyMKHTBTRH536ZB4tKTHE4gfV.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:23 GMT
Content-Type: image/jpeg
Content-Length: 0
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:25:52 GMT
ETag: "634ce760-0"
Expires: Sun, 08 Jan 2023 10:11:22 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOsk%2F6Xf9DK%2BkGwEHdsZAUgzGp4u0IwhswkdOhcDVBLFav27m7zCzZLwELt4rzHBw0Mw6nBg4vDk0UBMosNgEJTVZffNNh8squfPjVHsRdAYs60dzKyTcs0UHEeFwt%2Bk%2Fiw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d40c4eb4f1-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/images_t/AZShT5EsBSGVK21RnuVlZ5tUNuUCKP.JPG
104.21.8.83200 OK 8.8 kB URL HTTP/1.1 www.gorod62.com/images_t/AZShT5EsBSGVK21RnuVlZ5tUNuUCKP.JPG
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 160x213, components 3\012- data
Hash eb455f9c850223f3b2153c4cd9f34c24
3942df9572b1bebd5eddefeb55592e095a999cd8
bace7ae455be285b2fbc9a0686cd40b17687566c7cf65ea6387ca6b5fa97b53f
Analyzer Verdict Alert fortinet Malware
GET /images_t/AZShT5EsBSGVK21RnuVlZ5tUNuUCKP.JPG HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:23 GMT
Content-Type: image/jpeg
Content-Length: 8803
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:25:48 GMT
ETag: "634ce75c-2263"
Expires: Sun, 08 Jan 2023 10:11:23 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ0EbDdLH741DgCK%2F8t3jjzDeFm%2FqHfIyOX71brQxRH8CzHA%2FBlK4nHVSxbsVsVUZ%2BwuGZTj0uXsOca0jKcwlPUUcvGZZzE6o5jSUsgGaYnSMsmYZl6ISsiwIRn48qi%2FbII%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d42a61b4ed-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/images_t/LU2atNZn10kvZMERpmC3JJVCC9gicC.jpg
104.21.8.83200 OK 9.1 kB URL HTTP/1.1 www.gorod62.com/images_t/LU2atNZn10kvZMERpmC3JJVCC9gicC.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, progressive, precision 8, 160x224, components 3\012- data
Hash 1fd7fc3e598b365cfa7fb061c7381f99
3ebde82934f6fdf97365059b028351f11b6b8de8
21f3b0ff177dcdf88143643c5790d4e6ed1fcc29b02d4b03ed1e33453ff878dc
GET /images_t/LU2atNZn10kvZMERpmC3JJVCC9gicC.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:23 GMT
Content-Type: image/jpeg
Content-Length: 9111
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:02 GMT
ETag: "634ce76a-2397"
Expires: Sun, 08 Jan 2023 10:11:23 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7wyK2JMVNsMOGiXJX5gbbb%2FqLrgVCb1GGyIhGD1nhMjv1W3v5cWSKCLYjPSXM4cZuydmRZWmbCoSooY9SUlmBPriGPmkm%2B%2FSrJ4RkDCILfpotB53q8hQ%2BOpe2ecwAWuG2E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d49cb90b02-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6535
Cache-Control: max-age=89064
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:55:47 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.gorod62.com/images_t/FFj2esTm9ahRiOkG7Z2hUA4XELSeaz.jpg
104.21.8.83200 OK 6.1 kB URL HTTP/1.1 www.gorod62.com/images_t/FFj2esTm9ahRiOkG7Z2hUA4XELSeaz.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 160x85, components 3\012- data
Hash 03ec2b3ca6ae5830461cbae103594b06
79aec4429fc8c376e295a5a9f31955d73893a55c
f70cd5b1fa117ec9db0059d7e04a3946b38f232e3916afbbfbfce079534bf7ea
GET /images_t/FFj2esTm9ahRiOkG7Z2hUA4XELSeaz.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:23 GMT
Content-Type: image/jpeg
Content-Length: 6112
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:25:52 GMT
ETag: "634ce760-17e0"
Expires: Sun, 08 Jan 2023 10:11:23 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXhIhSKwe92SFZiEXxnRnjfsF0UQScS4M992DqIGGLsIu%2F80evuM6VkTVl%2BJh9e2f3qziyuGzt115PRlI3j5NARnchsPrrQswWbfBZa7iQRc8PlVhWvf2BaRKNJwwWURKZo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d4bb48b4f9-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/images_t/8UcS3Gg7kscR7ZHbJuGPppcLKOO2hU.jpg
104.21.8.83200 OK 6.3 kB URL HTTP/1.1 www.gorod62.com/images_t/8UcS3Gg7kscR7ZHbJuGPppcLKOO2hU.jpg
IP 104.21.8.83:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 150x94, components 3\012- data
Hash 45c0dcf02796d9a71784e5817cfe2d59
79221c78b7d8223a8e4c929a0439beeb42c3d172
12cc4f41a4befaee0777a5de8c51cd9fe94df3a4730b9af1f9b0c8becf089b40
GET /images_t/8UcS3Gg7kscR7ZHbJuGPppcLKOO2hU.jpg HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:23 GMT
Content-Type: image/jpeg
Content-Length: 6310
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:25:46 GMT
ETag: "634ce75a-18a6"
Expires: Sun, 08 Jan 2023 10:11:23 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6M7KLdHjJD3X%2B29y%2FhSCJ7tbsP%2B1B4kHyqn36fZ9L%2FrcE5dCU9wtPnMeqUevbzTZfDKdPM3UCJ3Kf0bT4UJyDH3huYClcjxo5YNHfgCxl0OHNuXS4Z6FOwdEcMfTb0E%2FxE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776cf4d4acdcb524-OSL
alt-svc: h2=":443"; ma=60
www.gorod62.com/design/images/favicon.ico
104.21.8.83200 OK 749 B URL HTTP/1.1 www.gorod62.com/design/images/favicon.ico
IP 104.21.8.83:0
Hash 085b1071cd2fa1209a04f6bbbbf02cd6
2126dc7081b6533ca36a3bd336b727f97e9c97e7
f49b26122e89199eae4192fdac74722774130e3a73d0985580a8101bece8f357
GET /design/images/favicon.ico HTTP/1.1
Host: www.gorod62.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gorod62.com/faq.php?page=5
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 10:11:23 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 05:26:32 GMT
Vary: Accept-Encoding
ETag: W/"634ce788-925"
Expires: Sun, 08 Jan 2023 10:11:23 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0C1kKslSHd28xlCCwgxXNZppyL5S3nhPTEYb41rljqb%2FXV5rO4UbdmnJjXm7VZ%2BDJuKl025bFqqXDE6F3ZU0qvLmDkMjiCGJh5j7fB9rMDTbn%2F3no7Qji3JOrQfAzWI6Uk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776cf4d59dbc0b02-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.228.207.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CimvGjnroqEeZmQW6u8siw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rzVIqyCRuEu9Jy7nWv3e0g53ips=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cbe432d06442a6cb4f20be34e4d58026
4bcfa4ef74b42eb562cd75321f8de6bd5b54d960
09fc64ce93c2b166e64ceb5f99bc9e20785097140581f9cb363577f68e3653be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 48487c86e61361cb1055f9ab315d3b4e
8bb6ce1c9bbd0315b9bf8173ba6d2c21f2c120ef
9899e720c3cf6f0b777190c161de072637351830d45236355ae08db668a98eba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.gorod62.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.gorod62.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.gorod62.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 10:11:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=www.gorod62.com&callback=_gfp_s_&client=ca-pub-7194611144688008&gpid_exp=1
216.58.207.226200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.gorod62.com&callback=_gfp_s_&client=ca-pub-7194611144688008&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (389), with no line terminators
Hash 62f40aea109d26c4efdb39c2b743abff
c1c403b11cdb6dbc175d9c903535cdeb3cf80f86
17c8b44170e105ad54958a7250513b4ebc30b9198664bfb717a091f78085173d
GET /gampad/cookie.js?domain=www.gorod62.com&callback=_gfp_s_&client=ca-pub-7194611144688008&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 10:11:23 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.gorod62.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.gorod62.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.gorod62.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 10:11:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cbe432d06442a6cb4f20be34e4d58026
4bcfa4ef74b42eb562cd75321f8de6bd5b54d960
09fc64ce93c2b166e64ceb5f99bc9e20785097140581f9cb363577f68e3653be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7194611144688008&output=html&h=600&slotname=4506103131&adk=2633140557&adf=2428719518&pi=t.ma~as.4506103131&w=160&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=10&bdt=778&idt=391&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&prev_slotnames=1256127366%2C0782666686%2C6756658418&correlator=8249627850377&frm=20&pv=1&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=1054&ady=249&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9EKF7ep3FL&p=http%3A//www.gorod62.com&dtd=519
172.217.21.162200 OK 206 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7194611144688008&output=html&h=600&slotname=4506103131&adk=2633140557&adf=2428719518&pi=t.ma~as.4506103131&w=160&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=10&bdt=778&idt=391&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&prev_slotnames=1256127366%2C0782666686%2C6756658418&correlator=8249627850377&frm=20&pv=1&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=1054&ady=249&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9EKF7ep3FL&p=http%3A//www.gorod62.com&dtd=519
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 9a1f67c0e70954a0a6a6043d0d92c199
71ca23feeee7553e01ac6f59987d99da0cc6588d
46205f3bff28246a191e07374a6adab5f826d9a8780f73d922a18932964bcd56
GET /pagead/ads?client=ca-pub-7194611144688008&output=html&h=600&slotname=4506103131&adk=2633140557&adf=2428719518&pi=t.ma~as.4506103131&w=160&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=10&bdt=778&idt=391&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&prev_slotnames=1256127366%2C0782666686%2C6756658418&correlator=8249627850377&frm=20&pv=1&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=1054&ady=249&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9EKF7ep3FL&p=http%3A//www.gorod62.com&dtd=519 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 09 Dec 2022 10:11:23 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 10:26:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 10:11:23 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7194611144688008&output=html&h=60&slotname=6756658418&adk=984692256&adf=2489907097&pi=t.ma~as.6756658418&w=468&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=6&bdt=779&idt=375&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&prev_slotnames=1256127366%2C0782666686&correlator=8249627850377&frm=20&pv=1&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=408&ady=907&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=mPRzr5jVDl&p=http%3A//www.gorod62.com&dtd=514
172.217.21.162200 OK 207 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7194611144688008&output=html&h=60&slotname=6756658418&adk=984692256&adf=2489907097&pi=t.ma~as.6756658418&w=468&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=6&bdt=779&idt=375&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&prev_slotnames=1256127366%2C0782666686&correlator=8249627850377&frm=20&pv=1&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=408&ady=907&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=mPRzr5jVDl&p=http%3A//www.gorod62.com&dtd=514
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 9bcc637efd9561c52c09c874d3763b35
a00aeeffd3e7cbbcea618f62aabe6ca20f6bb08a
345b6739efe5775764052be91e6908d5fe3f0b3aec5234a2a34a8ff34dee9761
GET /pagead/ads?client=ca-pub-7194611144688008&output=html&h=60&slotname=6756658418&adk=984692256&adf=2489907097&pi=t.ma~as.6756658418&w=468&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=6&bdt=779&idt=375&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&prev_slotnames=1256127366%2C0782666686&correlator=8249627850377&frm=20&pv=1&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=408&ady=907&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=mPRzr5jVDl&p=http%3A//www.gorod62.com&dtd=514 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 09 Dec 2022 10:11:23 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 10:26:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 10:11:23 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7194611144688008&output=html&h=60&slotname=0782666686&adk=1255900945&adf=3814666245&pi=t.ma~as.0782666686&w=468&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=6&bdt=778&idt=373&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&prev_slotnames=1256127366&correlator=8249627850377&frm=20&pv=1&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=408&ady=386&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Cl2vsCA4il&p=http%3A//www.gorod62.com&dtd=508
172.217.21.162200 OK 207 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7194611144688008&output=html&h=60&slotname=0782666686&adk=1255900945&adf=3814666245&pi=t.ma~as.0782666686&w=468&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=6&bdt=778&idt=373&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&prev_slotnames=1256127366&correlator=8249627850377&frm=20&pv=1&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=408&ady=386&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Cl2vsCA4il&p=http%3A//www.gorod62.com&dtd=508
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 532931d9059ab33eee7d13cee72ec68b
15706cfeb803cc488a329de6a9b0c29acafbbdac
6103db4b665955fc2ebae8b30441a375da22cf8d324d28cfb93f0cf5d2cdffd1
GET /pagead/ads?client=ca-pub-7194611144688008&output=html&h=60&slotname=0782666686&adk=1255900945&adf=3814666245&pi=t.ma~as.0782666686&w=468&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=6&bdt=778&idt=373&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&prev_slotnames=1256127366&correlator=8249627850377&frm=20&pv=1&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=408&ady=386&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Cl2vsCA4il&p=http%3A//www.gorod62.com&dtd=508 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 09 Dec 2022 10:11:23 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 10:26:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 10:11:23 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7194611144688008&output=html&h=90&slotname=1256127366&adk=3260457736&adf=465911686&pi=t.ma~as.1256127366&w=728&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=28&bdt=778&idt=334&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&correlator=8249627850377&frm=20&pv=2&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=270&ady=195&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Mh2AiRu7wD&p=http%3A//www.gorod62.com&dtd=501
172.217.21.162200 OK 207 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7194611144688008&output=html&h=90&slotname=1256127366&adk=3260457736&adf=465911686&pi=t.ma~as.1256127366&w=728&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=28&bdt=778&idt=334&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&correlator=8249627850377&frm=20&pv=2&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=270&ady=195&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Mh2AiRu7wD&p=http%3A//www.gorod62.com&dtd=501
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 13b7692e0474f768581b9f0d2c6e24f1
f3e63dcab2ac110c8480870bfc1892c0c648a3d7
71ca966287b73455ce04a3ad55f282fe2864a2304abef981d1e01b2f7ccc2a9a
GET /pagead/ads?client=ca-pub-7194611144688008&output=html&h=90&slotname=1256127366&adk=3260457736&adf=465911686&pi=t.ma~as.1256127366&w=728&lmt=1665983878&url=http%3A%2F%2Fwww.gorod62.com%2Ffaq.php%3Fpage%3D5&wgl=1&dt=1670580682056&bpp=28&bdt=778&idt=334&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D79805045d67038d0-22632c31d0d90089%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MY4Rsw2hTOt29S0qQeM4FXf7UGSwg&gpic=UID%3D00000b8faeb6730a%3AT%3D1670580683%3ART%3D1670580683%3AS%3DALNI_MaFdpAFacV2YdQJP9rI3F-KnBw2fQ&correlator=8249627850377&frm=20&pv=2&ga_vid=459702807.1670580683&ga_sid=1670580683&ga_hid=608150960&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=270&ady=195&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071078%2C44777948%2C44779957&oid=2&pvsid=271135024702872&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Mh2AiRu7wD&p=http%3A//www.gorod62.com&dtd=501 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 09 Dec 2022 10:11:23 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 10:26:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 10:11:23 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.gorod62.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.gorod62.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.gorod62.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 10:11:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7f699af9ca7843cb9e6a1b7576c2940c
cce981996a863a63f9a8c497fbcebf5eae75607f
1c89b2002df4a7655407dab0a7d4d8bb74a3f8f7ef72d62c649a08a7b6cb64e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5654
Expires: Fri, 09 Dec 2022 11:45:38 GMT
Date: Fri, 09 Dec 2022 10:11:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5654
Expires: Fri, 09 Dec 2022 11:45:38 GMT
Date: Fri, 09 Dec 2022 10:11:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5654
Expires: Fri, 09 Dec 2022 11:45:38 GMT
Date: Fri, 09 Dec 2022 10:11:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5654
Expires: Fri, 09 Dec 2022 11:45:38 GMT
Date: Fri, 09 Dec 2022 10:11:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 61820
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 23817
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 08:30:07 GMT
age: 6077
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 23378
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 00:33:39 GMT
age: 34665
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa98459-9507-4e55-9fad-ef4a6111e4fc.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa98459-9507-4e55-9fad-ef4a6111e4fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 911f9077bb888e775390cd5f34825f93
d64877f85440c5b7ab98bd29589f273b2b003608
9ae0779879235abd98a87fd4a25b0e2c1961d7e37ae2481867393e47ac871947
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa98459-9507-4e55-9fad-ef4a6111e4fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8295
x-amzn-requestid: e13ec956-9996-44d1-b216-1138c273d557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy42XHI_oAMFfCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63910828-532765c65249a4b339abfad4;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:39:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: eDebLHlPV0psvVes0bmmBPmwqPlAA8LTNBvmMQIQhxNtM2bTqThGQg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:57:41 GMT
age: 44023
etag: "d64877f85440c5b7ab98bd29589f273b2b003608"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 09 Dec 2022 10:11:25 GMT
expires: Fri, 09 Dec 2022 10:11:25 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.161200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:29:01 GMT
expires: Wed, 06 Dec 2023 14:29:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 243744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 0f14ccb5df4eacacff2bed95485ac41b
62c252a19b189f4c5cc768de976b2e3a4ed5fe9d
f7553c7c72a13e24fc5a021952666e207fc0e15512afe072d3fd81c84e8f8a4c
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gorod62.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 09 Dec 2022 10:11:25 GMT
date: Fri, 09 Dec 2022 10:11:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-ReHgiCM1gYwjtFZrLG55sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 10:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN