Overview

URLbookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
IP 195.216.243.180 (Russia)
ASN#57724 Ddos-guard Ltd
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-25 04:35:46 UTC
StatusLoading report..
IDS alerts0
Blocklist alert16
urlquery alerts No alerts detected
Tags None

Domain Summary (37)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp2.globalsign.com (1) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.21.226
dm-eu.hybrid.ai (1) 28847 2021-01-25 11:48:59 UTC 2022-11-24 06:37:09 UTC 37.18.103.21
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
s.viitjcfx.com (6) 0 2022-11-14 11:02:39 UTC 2022-11-24 10:51:55 UTC 31.220.27.155 Unknown ranking
fcgi4.gnezdo.ru (1) 69027 2020-06-11 12:55:54 UTC 2022-11-24 05:50:48 UTC 93.95.102.105
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-24 11:11:51 UTC 142.250.74.10
hdbcode.com (7) 402014 2019-05-01 17:48:44 UTC 2022-11-24 10:51:54 UTC 185.98.54.153
mc.yandex.ru (4) 2672 2012-05-21 09:38:30 UTC 2022-11-24 11:15:18 UTC 87.250.251.119
i.cdnkimg.com (3) 8049 2022-10-07 17:31:09 UTC 2022-10-07 17:31:09 UTC 45.133.44.36
www.dom-cs.ucoz.net (4) 0 2012-12-03 01:13:07 UTC 2018-06-22 09:02:38 UTC 193.109.247.16 Domain (ucoz.net) ranked at: 72525
z.cdn.adtarget.me (1) 31288 2019-12-20 09:03:16 UTC 2022-11-24 12:17:42 UTC 212.32.253.229
absoluteroute.com (1) 0 2021-01-23 16:41:31 UTC 2022-11-24 19:11:43 UTC 193.200.64.20 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-24 05:36:55 UTC 34.102.187.140
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-24 08:13:00 UTC 142.250.74.164
bookbest.moy.su (66) 0 2018-06-16 18:20:15 UTC 2022-11-24 17:44:13 UTC 195.216.243.180 Domain (moy.su) ranked at: 700719
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
counter.yadro.ru (3) 7275 2014-09-09 18:41:17 UTC 2022-11-24 10:52:25 UTC 88.212.201.204
fonts.gstatic.com (4) 0 2014-09-09 00:40:21 UTC 2022-11-24 11:09:52 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
static1.smi2.net (1) 73486 2014-12-02 09:33:33 UTC 2020-04-26 08:41:56 UTC 185.162.95.4
static3.smi2.net (1) 73131 2014-12-02 09:32:09 UTC 2020-04-02 09:14:33 UTC 88.212.218.13
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.pki.goog (8) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
s.uuidksinc.net (2) 3423 2015-07-20 12:00:35 UTC 2022-11-24 08:14:32 UTC 31.220.27.135
rot.spotsniper.ru (2) 0 2017-01-30 11:09:40 UTC 2022-11-24 10:51:54 UTC 31.172.81.160 Unknown ranking
static5.smi2.net (1) 80227 2014-12-02 10:06:23 UTC 2020-04-26 08:43:10 UTC 185.147.80.78
ne-gnevi-boga.at.ua (2) 0 2012-11-07 21:46:05 UTC 2018-12-28 08:42:30 UTC 195.216.243.237 Domain (at.ua) ranked at: 218695
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.69.31
uuidksinc.net (1) 3420 2015-05-31 08:43:35 UTC 2022-11-24 14:13:20 UTC 31.220.27.135
news.2xclick.ru (1) 134052 2017-02-21 19:56:44 UTC 2022-11-24 10:51:53 UTC 93.95.100.117
www.seven-zone.3dn.ru (1) 0 2015-02-03 07:45:14 UTC 2018-06-22 09:03:00 UTC 195.216.243.180 Domain (3dn.ru) ranked at: 462175
themes.googleusercontent.com (1) 9661 2012-05-29 23:36:21 UTC 2020-05-04 15:28:46 UTC 142.250.74.33
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-24 11:10:32 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
dmg.digitaltarget.ru (2) 21471 2015-04-23 14:50:51 UTC 2022-11-24 07:14:50 UTC 185.15.175.174
r3.o.lencr.org (22) 344 No data No data 23.36.76.226
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-24 05:30:55 UTC 34.117.237.239
s39.ucoz.net (8) 0 2012-07-16 15:21:24 UTC 2022-11-24 05:25:22 UTC 195.216.243.180 Domain (ucoz.net) ranked at: 72525

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67 Malware
2022-11-25 2 bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67 Malware
2022-11-25 2 bookbest.moy.su/?uZJ20u1XHhyBllBBae%21LJppTDKDfXOMJ%5ESld23dQzGFThEfJmb%5E6 (...) Malware
2022-11-25 2 bookbest.moy.su/?y2j573q99VIB0Y%5EjavXeuWO5CvJy03lSeIXTM%3B8nb%5EjygjSCXJYn (...) Malware
2022-11-25 2 bookbest.moy.su/.s/src/ulightbox/ulightbox.min.js Malware
2022-11-25 2 bookbest.moy.su/.s/src/jquery-3.6.0.min.js Malware
2022-11-25 2 bookbest.moy.su/.s/src/uwnd.min.js Malware
2022-11-25 2 bookbest.moy.su/_nw/0/25334825.jpeg Malware
2022-11-25 2 bookbest.moy.su/stat/1669350938 Malware
2022-11-25 2 bookbest.moy.su/.s/img/icon/social/u.svg Malware
2022-11-25 2 bookbest.moy.su/.s/img/icon/social/vk.svg Malware
2022-11-25 2 bookbest.moy.su/.s/img/icon/social/fb.svg Malware
2022-11-25 2 bookbest.moy.su/.s/img/icon/social/ya.svg Malware
2022-11-25 2 bookbest.moy.su/.s/img/icon/social/gp.svg Malware
2022-11-25 2 bookbest.moy.su/.s/img/icon/social/ok.svg Malware
2022-11-25 2 bookbest.moy.su/?JmkA3hH7lM5fpuwMagu5hRkYQpIi9wCa%5EiQuzdBhqO5B0SCBEkNbRDhT (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 195.216.243.180
Date UQ / IDS / BL URL IP
2023-01-27 06:40:56 +0000 0 - 0 - 6 soft-pro100.ucoz.ru/ 195.216.243.180
2023-01-18 05:49:52 +0000 0 - 0 - 2 dualist-css.ucoz.ru/_ld/1/125_NoCD_Grandia_2.rar 195.216.243.180
2023-01-12 13:01:54 +0000 0 - 4 - 0 mirmuz.ucoz.net/load/retro/festival_avtoradio (...) 195.216.243.180
2023-01-11 07:01:04 +0000 0 - 0 - 4 cs-strikes.3dn.ru/_ld/2/ 195.216.243.180
2022-12-24 17:01:25 +0000 0 - 0 - 2 only-cheats.do.am/_ld/12/1269_imaginary-v2.zip 195.216.243.180


Last 5 reports on ASN: Ddos-guard Ltd
Date UQ / IDS / BL URL IP
2023-01-29 11:55:51 +0000 0 - 0 - 6 sharkstealer.ru/host/drops/DVlDzZoYi/5JazdPp8A.exe 185.178.208.160
2023-01-29 09:05:37 +0000 0 - 0 - 5 dubko-factory.com/ 185.178.209.40
2023-01-29 07:57:54 +0000 0 - 0 - 0 breached.vc 185.129.102.37
2023-01-29 06:25:27 +0000 0 - 2 - 0 dadata.ru/?ref=136886 185.129.103.75
2023-01-29 05:34:02 +0000 0 - 0 - 32 www.roblox.com.et/users/6651204677/profile 185.178.208.131


Last 5 reports on domain: moy.su
Date UQ / IDS / BL URL IP
2023-01-15 04:55:11 +0000 0 - 4 - 0 gta4.moy.su/news/gta_5/99 195.216.243.102
2023-01-12 18:16:38 +0000 0 - 4 - 0 brodyaga.moy.su/_ld/0/3_gold_call.rar 193.109.246.5
2023-01-11 23:15:16 +0000 0 - 7 - 15 gta4.moy.su/index/0-2 195.216.243.102
2023-01-09 00:58:21 +0000 0 - 4 - 0 school4.moy.su/_ld/0/23_protokol.doc 193.109.247.239
2022-12-31 20:35:47 +0000 0 - 4 - 2 game-cheats.moy.su/cheats/aim_bot_for_cs1.6.rar 195.216.243.24


No other reports with similar screenshot

JavaScript

Executed Scripts (33)

Executed Evals (5)
#1 JavaScript::Eval (size: 17424) - SHA256: 4ce6aac8dc9d1b9a8692fb55665138c750c4a93789c20f53b48fb56fc60e5652
(function() {
    var z = this || self,
        bo = function(b, I, K, O) {
            (K = P((O = P(b), b)), x)(K, b, v(I, Z(O, b)))
        },
        R8 = function(b, I, K) {
            if ("object" == (I = typeof b, I))
                if (b) {
                    if (b instanceof Array) return "array";
                    if (b instanceof Object) return I;
                    if ("[object Window]" == (K = Object.prototype.toString.call(b), K)) return "object";
                    if ("[object Array]" == K || "number" == typeof b.length && "undefined" != typeof b.splice && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == K || "undefined" != typeof b.call && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == I && "undefined" == typeof b.call) return "object";
            return I
        },
        Z = function(b, I) {
            if (void 0 === (I = I.K[b], I)) throw [D, 30, b];
            if (I.value) return I.create();
            return I.create(1 * b * b + -48 * b + -64), I.prototype
        },
        f = function(b, I) {
            I.s = ((I.s ? I.s + "~" : "E:") + b.message + ":" + b.stack).slice(0, 2048)
        },
        I8 = function(b, I) {
            (I.push(b[0] << 24 | b[1] << 16 | b[2] << 8 | b[3]), I.push(b[4] << 24 | b[5] << 16 | b[6] << 8 | b[7]), I).push(b[8] << 24 | b[9] << 16 | b[10] << 8 | b[11])
        },
        O1 = function(b, I, K, O) {
            function y() {}
            return {
                invoke: (O = K2(b, (K = void 0, function(R) {
                    y && (I && J(I), K = R, y(), y = void 0)
                }), !!I)[0], function(R, w, q, N) {
                    function u() {
                        K(function(M) {
                            J(function() {
                                R(M)
                            })
                        }, q)
                    }
                    if (!w) return w = O(q), R && R(w), w;
                    K ? u() : (N = y, y = function() {
                        (N(), J)(u)
                    })
                })
            }
        },
        yj = function(b, I, K, O) {
            return Z(356, (k(319, (wl(b, (O = Z(319, b), b.H && O < b.j ? (k(319, b, b.j), qO(b, K)) : k(319, b, K), I)), b), O), b))
        },
        A = function(b, I, K, O, y, R, w, q, N) {
            if (O.L += ((w = (y = (N = (R = (q = (K || O.i++, 0 < O.P && O.I) && O.KI && 1 >= O.v && !O.C && !O.g && (!K || 1 < O.Z - b) && 0 == document.hidden, 4 == O.i)) || q ? O.D() : O.F, N - O.F), y >> 14), O.V) && (O.V ^= w * (y << 2)), O.A = w || O.A, w), R || q) O.F = N, O.i = 0;
            if (!q || N - O.X < O.P - (I ? 255 : K ? 5 : 2)) return false;
            return (k((I = Z((O.Z = b, K ? 351 : 319), O), 319), O, O.j), O.R).push([zJ, I, K ? b + 1 : b]), O.g = J, true
        },
        io = function(b, I) {
            return I[b] << 24 | I[(b | 0) + 1] << 16 | I[(b | 0) + 2] << 8 | I[(b | 0) + 3]
        },
        qO = function(b, I) {
            k(319, ((b.rt.push(b.K.slice()), b).K[319] = void 0, b), I)
        },
        V = function(b, I, K) {
            I[k(K, b, I), uo] = 2796
        },
        JW = function(b, I, K, O, y) {
            for ((b.pI = MO(b.h, ((b.kG = (b.fI = b[E], o8), b).Q2 = PW, {get: function() {
                        return this.concat()
                    }
                })), b).ju = p[b.h](b.pI, {
                    value: {
                        value: {}
                    }
                }), y = [], O = 0; 128 > O; O++) y[O] = String.fromCharCode(O);
            C(true, true, (l(((l([(V(b, (V(b, function(R, w) {
                (w = Z(P(R), R), qO)(R.A, w)
            }, (V(b, function(R, w, q, N) {
                k((w = g((N = P(R), R)), q = P(R), q), R, Z(N, R) >>> w)
            }, (k(97, (V((V(b, (k(230, b, (V(b, (b.uf = (k((k(162, b, (V(b, function(R, w, q, N) {
                (N = Z((w = (q = (w = P(R), N = P(R), P(R)), Z)(w, R), N), R), k)(q, R, +(w == N))
            }, (V(b, (V((V(b, (V(b, (V(b, (V(b, function(R) {
                bo(R, 1)
            }, (k(17, ((V(b, (b.HZ = (V(b, function(R, w) {
                R = (w = P(R), Z(w, R.A)), R[0].removeEventListener(R[1], R[2], c)
            }, (k(507, b, (V(b, function(R, w, q, N, u, M, H) {
                for (u = (q = Z(92, (w = (H = mj((N = P(R), R)), ""), R)), q.length), M = 0; H--;) M = ((M | 0) + (mj(R) | 0)) % u, w += y[q[M]];
                k(N, R, w)
            }, ((V(b, ((V((k((k(366, (k(356, b, (V(b, (V(b, (V(b, (V((k(182, (k(305, (k((b.Su = (V(b, (V(b, function(R, w, q) {
                A(w, false, true, R) || (w = P(R), q = P(R), k(q, R, function(N) {
                    return eval(N)
                }(xP(Z(w, R.A)))))
            }, (V(b, function(R) {
                HW(R, 4)
            }, (k((b.s = (b.DP = (b.L = 1, b.G = void 0, b.rt = [], b.KI = false, (b.W = void 0, b.Y = 0, b.X = (b.o = (b.A = b, []), b.l = (b.v = 0, O = (b.g = null, b.j = 0, (b.S = (b.N = false, void 0), b.wt = 0, window).performance) || {}, (b.P = 0, b).I = !(b.Z = 8001, 1), b.H = [], []), (b.i = void 0, b.U = 25, b.C = void 0, b.R = [], (b.V = void 0, b).RQ = function(R) {
                this.A = R
            }, b).K = [], 0), (b.F = 0, O).timeOrigin || (O.timing || {}).navigationStart) || 0), void 0), 319), b, 0), k(351, b, 0), 475)), 168)), function(R, w, q) {
                0 != (q = Z((w = P(R), q = P(R), q), R), Z(w, R)) && k(319, R, q)
            }), 342), 0), 253), b, []), b), b), b), 0), b), function(R) {
                bo(R, 4)
            }, 267), function(R, w, q, N, u) {
                (q = (u = Z((w = Z((u = P((q = (N = (w = P(R), P)(R), P)(R), R)), w), R.A), u), R), N = Z(N, R), Z)(q, R), 0) !== w && (q = vW(1, R, u, q, w, N), w.addEventListener(N, q, c), k(182, R, [w, N, q]))
            }), 261), function(R, w, q, N, u) {
                (w = (q = P((N = (u = P(R), P)(R), R)), P(R)), q = Z(q, R), w = Z(w, R), N = Z(N, R), k)(u, R, vW(w, R, q, N))
            }), 222), function(R, w, q, N) {
                (w = P((N = (q = P(R), P)(R), R)), k)(w, R, Z(q, R) || Z(N, R))
            }), 381), {})), b), 0), 270), b, z), b), function(R) {
                Zb(R, 3)
            }, 395), V)(b, function(R, w, q) {
                k((q = Z((w = P((q = P(R), R)), q), R), q = R8(q), w), R, q)
            }, 405), function(R, w, q, N) {
                !A(w, false, true, R) && (w = rl(R), q = w.J, N = w.AN, R.A == R || q == R.RQ && N == R) && (k(w.aQ, R, q.apply(N, w.O)), R.F = R.D())
            }), 234), V)(b, function(R) {
                Zb(R, 4)
            }, 203), 335)), [160, 0, 0])), 206)), 0), function() {}), 503), V)(b, function(R, w, q, N, u, M, H, r, m, L, X, G) {
                function Q(n, h) {
                    for (; q < n;) G |= g(R) << q, q += 8;
                    return h = G & (1 << n) - 1, q -= n, G >>= n, h
                }
                for (X = (L = (q = G = (M = P(R), 0), (Q(3) | 0) + 1), u = Q(5), N = 0), m = []; N < u; N++) H = Q(1), m.push(H), X += H ? 0 : 1;
                for (X = (w = (N = ((X | 0) - 1).toString(2).length, []), 0); X < u; X++) m[X] || (w[X] = Q(N));
                for (N = 0; N < u; N++) m[N] && (w[N] = P(R));
                for (r = []; L--;) r.push(Z(P(R), R));
                V(R, function(n, h, Y, NO, t) {
                    for (h = (NO = [], 0), Y = []; h < u; h++) {
                        if (t = w[h], !m[h]) {
                            for (; t >= Y.length;) Y.push(P(n));
                            t = Y[t]
                        }
                        NO.push(t)
                    }
                    n.S = Db(n, (n.C = Db(n, r.slice()), NO))
                }, M)
            }, 94), b), []), 367)), function(R, w, q, N) {
                (N = Z((q = Z((w = (q = P(R), P)(R), q), R), w), R), k)(w, R, N + q)
            }), 58), function(R, w, q, N, u, M) {
                if (!A(w, true, true, R)) {
                    if ("object" == R8((R = Z((M = (w = (M = (q = (w = (N = P(R), P)(R), P(R)), P(R)), Z)(w, R), Z)(M, R), q = Z(q, R), N), R), R))) {
                        for (u in N = [], R) N.push(u);
                        R = N
                    }
                    for (N = (u = (q = 0 < q ? q : 1, 0), R).length; u < N; u += q) w(R.slice(u, (u | 0) + (q | 0)), M)
                }
            }), 341), function(R, w, q, N) {
                if (w = R.rt.pop()) {
                    for (q = g(R); 0 < q; q--) N = P(R), w[N] = R.K[N];
                    R.K = (w[253] = R.K[253], w[97] = R.K[97], w)
                } else k(319, R, R.j)
            }), 327), b), function(R, w, q) {
                w = P(R), q = P(R), k(q, R, "" + Z(w, R))
            }, 455), function(R, w, q, N, u) {
                for (q = (u = P(R), w = mj(R), N = [], 0); q < w; q++) N.push(g(R));
                k(u, R, N)
            }), 34), 117)), T)(4)), 205), b, 524), 0), function(R, w, q, N) {
                N = (w = P((q = (N = P(R), P(R)), R)), Z(N, R)), q = Z(q, R), k(w, R, N in q | 0)
            }), 79), [0, 0, 0])), function(R, w, q, N, u) {
                (q = (u = (N = P(R), P(R)), P)(R), R).A == R && (q = Z(q, R), w = Z(N, R), u = Z(u, R), w[u] = q, 377 == N && (R.G = void 0, 2 == u && (R.V = B(32, R, false), R.G = void 0)))
            }), 474), b), function(R, w, q, N, u, M) {
                A(w, false, true, R) || (N = rl(R.A), w = N.AN, M = N.O, q = N.J, u = M.length, N = N.aQ, w = 0 == u ? new w[q] : 1 == u ? new w[q](M[0]) : 2 == u ? new w[q](M[0], M[1]) : 3 == u ? new w[q](M[0], M[1], M[2]) : 4 == u ? new w[q](M[0], M[1], M[2], M[3]) : 2(), k(N, R, w))
            }, 317), b), 2048), 89)), 473)), function(R, w, q, N) {
                k((N = (q = Z((w = P((N = (q = P(R), P(R)), R)), q), R), Z(N, R)), w), R, q[N])
            }), 380), uo)], b), l)([S, I], b), [f2, K]), b), b))
        },
        l = function(b, I) {
            I.R.splice(0, 0, b)
        },
        XO = function(b, I, K, O) {
            try {
                O = b[((I | 0) + 2) % 3], b[I] = (b[I] | 0) - (b[((I | 0) + 1) % 3] | 0) - (O | 0) ^ (1 == I ? O << K : O >>> K)
            } catch (y) {
                throw y;
            }
        },
        n2 = function(b, I, K) {
            if (3 == b.length) {
                for (K = 0; 3 > K; K++) I[K] += b[K];
                for (b = [13, 8, 13, 12, 16, 5, 3, 10, 15], K = 0; 9 > K; K++) I[3](I, K % 3, b[K])
            }
        },
        GJ = function(b, I, K, O, y) {
            for (y = (K = K[3] | (O = K[2] | 0, 0), 0); 14 > y; y++) I = I >>> 8 | I << 24, I += b | 0, K = K >>> 8 | K << 24, b = b << 3 | b >>> 29, I ^= O + 2298, K += O | 0, K ^= y + 2298, b ^= I, O = O << 3 | O >>> 29, O ^= K;
            return [b >>> 24 & 255, b >>> 16 & 255, b >>> 8 & 255, b >>> 0 & 255, I >>> 24 & 255, I >>> 16 & 255, I >>> 8 & 255, I >>> 0 & 255]
        },
        v = function(b, I, K, O) {
            for (K = (b | 0) - 1, O = []; 0 <= K; K--) O[(b | 0) - 1 - (K | 0)] = I >> 8 * K & 255;
            return O
        },
        wl = function(b, I, K, O, y, R) {
            if (!b.s) {
                b.v++;
                try {
                    for (R = (y = (K = b.j, void 0), 0); --I;) try {
                        if ((O = void 0, b).C) y = hW(b, b.C);
                        else {
                            if (R = Z(319, b), R >= K) break;
                            O = P((k(351, b, R), b)), y = Z(O, b)
                        }
                        A((y && y[$P] & 2048 ? y(b, I) : e([D, 21, O], b, 0), I), false, false, b)
                    } catch (w) {
                        Z(205, b) ? e(w, b, 22) : k(205, b, w)
                    }
                    if (!I) {
                        if (b.CI) {
                            b.v--, wl(b, 216630971487);
                            return
                        }
                        e([D, 33], b, 0)
                    }
                } catch (w) {
                    try {
                        e(w, b, 22)
                    } catch (q) {
                        f(q, b)
                    }
                }
                b.v--
            }
        },
        rl = function(b, I, K, O, y, R) {
            for (R = (K = ((O = (I = b[kP] || {}, P(b)), I.aQ = P(b), I).O = [], b.A == b ? (g(b) | 0) - 1 : 1), P(b)), y = 0; y < K; y++) I.O.push(P(b));
            for (; K--;) I.O[K] = Z(I.O[K], b);
            return (I.J = Z(O, b), I).AN = Z(R, b), I
        },
        vW = function(b, I, K, O, y, R) {
            function w() {
                if (I.A == I) {
                    if (I.K) {
                        var q = [F, O, K, void 0, y, R, arguments];
                        if (2 == b) var N = C(false, false, (l(q, I), I));
                        else if (1 == b) {
                            var u = !I.R.length;
                            (l(q, I), u) && C(false, false, I)
                        } else N = AW(I, q);
                        return N
                    }
                    y && R && y.removeEventListener(R, w, c)
                }
            }
            return w
        },
        E1 = function(b, I, K, O, y, R, w, q) {
            return O = [-9, -48, 48, 29, -71, -79, O, -95, 27, 81], R = Vj, q = b & 7, y = p[K.h](K.pI), y[K.h] = function(N) {
                q += (w = N, 6 + 7 * b), q &= 7
            }, y.concat = function(N) {
                return (w = (N = (N = -46 * I * I * w - -2208 * I * w + (N = I % 16 + 1, 1 * I * I * N) + q + 46 * w * w + O[q + 27 & 7] * I * N - -2944 * w + (R() | 0) * N - N * w, O)[N], void 0), O[(q + 21 & 7) + (b & 2)] = N, O)[q + (b & 2)] = -48, N
            }, y
        },
        C = function(b, I, K, O, y, R) {
            if (K.R.length) {
                K.I = (K.KI = (K.I && 0(), b), true);
                try {
                    y = K.D(), K.F = y, K.X = y, K.i = 0, O = p2(b, K), R = K.D() - K.X, K.Y += R, R < (I ? 0 : 10) || 0 >= K.U-- || (R = Math.floor(R), K.o.push(254 >= R ? R : 254))
                } finally {
                    K.I = false
                }
                return O
            }
        },
        J = z.requestIdleCallback ? function(b) {
            requestIdleCallback(function() {
                b()
            }, {
                timeout: 4
            })
        } : z.setImmediate ? function(b) {
            setImmediate(b)
        } : function(b) {
            setTimeout(b, 0)
        },
        e = function(b, I, K, O, y, R) {
            if (!I.N) {
                if ((b = (K = (0 == (R = Z(253, ((O = void 0, b) && b[0] === D && (O = b[2], K = b[1], b = void 0), I)), R).length && (y = Z(351, I) >> 3, R.push(K, y >> 8 & 255, y & 255), void 0 != O && R.push(O & 255)), ""), b && (b.message && (K += b.message), b.stack && (K += ":" + b.stack)), Z)(97, I), 3) < b) {
                    I.A = (K = (b -= (K = K.slice(0, (b | 0) - 3), (K.length | 0) + 3), Qj)(K), O = I.A, I);
                    try {
                        x(162, I, v(2, K.length).concat(K), 9)
                    } finally {
                        I.A = O
                    }
                }
                k(97, I, b)
            }
        },
        HW = function(b, I, K, O) {
            for (K = (O = P(b), 0); 0 < I; I--) K = K << 8 | g(b);
            k(O, b, K)
        },
        FO = function(b, I) {
            return I(function(K) {
                K(b)
            }), [function() {
                return b
            }]
        },
        cW = function(b, I, K) {
            return I.B(function(O) {
                K = O
            }, false, b), K
        },
        x = function(b, I, K, O, y, R) {
            if (I.A == I)
                for (R = Z(b, I), 162 == b ? (b = function(w, q, N, u) {
                        if ((u = (q = R.length, (q | 0) - 4 >> 3), R.hN) != u) {
                            u = (u << (N = [0, 0, y[R.hN = u, 1], y[2]], 3)) - 4;
                            try {
                                R.bf = GJ(io(u, R), io((u | 0) + 4, R), N)
                            } catch (M) {
                                throw M;
                            }
                        }
                        R.push(R.bf[q & 7] ^ w)
                    }, y = Z(230, I)) : b = function(w) {
                        R.push(w)
                    }, O && b(O & 255), I = K.length, O = 0; O < I; O++) b(K[O])
        },
        TJ = function(b, I) {
            if ((I = (b = null, z).trustedTypes, !I) || !I.createPolicy) return b;
            try {
                b = I.createPolicy("bg", {
                    createHTML: gl,
                    createScript: gl,
                    createScriptURL: gl
                })
            } catch (K) {
                z.console && z.console.error(K.message)
            }
            return b
        },
        p2 = function(b, I, K, O) {
            for (; I.R.length;) {
                K = (I.g = null, I).R.pop();
                try {
                    O = AW(I, K)
                } catch (y) {
                    f(y, I)
                }
                if (b && I.g) {
                    b = I.g, b(function() {
                        C(true, true, I)
                    });
                    break
                }
            }
            return O
        },
        AW = function(b, I, K, O, y) {
            if (O = I[0], O == W) b.U = 25, b.u(I);
            else if (O == E) {
                K = I[1];
                try {
                    y = b.s || b.u(I)
                } catch (R) {
                    f(R, b), y = b.s
                }
                K(y)
            } else if (O == zJ) b.u(I);
            else if (O == S) b.u(I);
            else if (O == f2) {
                try {
                    for (y = 0; y < b.l.length; y++) try {
                        K = b.l[y], K[0][K[1]](K[2])
                    } catch (R) {}
                } catch (R) {}(0, I[b.l = [], 1])(function(R, w) {
                    b.B(R, true, w)
                }, function(R) {
                    l([$P], (R = !b.R.length, b)), R && C(true, false, b)
                })
            } else {
                if (O == F) return y = I[2], k(332, b, I[6]), k(356, b, y), b.u(I);
                O == $P ? (b.H = [], b.K = null, b.o = []) : O == uo && "loading" === z.document.readyState && (b.g = function(R, w) {
                    function q() {
                        w || (w = true, R())
                    }
                    z.document.addEventListener("DOMContentLoaded", q, (w = false, c)), z.addEventListener("load", q, c)
                })
            }
        },
        MO = function(b, I) {
            return p[b](p.prototype, {
                pop: I,
                call: I,
                splice: I,
                document: I,
                replace: I,
                prototype: I,
                length: I,
                propertyIsEnumerable: I,
                floor: I,
                console: I,
                parent: I,
                stack: I
            })
        },
        Db = function(b, I, K) {
            return K = p[b.h](b.ju), K[b.h] = function() {
                return I
            }, K.concat = function(O) {
                I = O
            }, K
        },
        a, Zb = function(b, I, K, O, y) {
            (((y = (K = P((I &= (O = I & 3, 4), y = P(b), b)), Z)(y, b), I) && (y = Qj("" + y)), O) && x(K, b, v(2, y.length)), x)(K, b, y)
        },
        B = function(b, I, K, O, y, R, w, q, N, u, M, H, r, m) {
            if ((r = Z(319, I), r) >= I.j) throw [D, 31];
            for (w = r, u = (H = I.fI.length, b), q = 0; 0 < u;) M = w % 8, R = 8 - (M | 0), N = w >> 3, R = R < u ? R : u, O = I.H[N], K && (y = I, y.G != w >> 6 && (y.G = w >> 6, m = Z(377, y), y.W = GJ(y.V, y.G, [0, 0, m[1], m[2]])), O ^= I.W[N & H]), q |= (O >> 8 - (M | 0) - (R | 0) & (1 << R) - 1) << (u | 0) - (R | 0), w += R, u -= R;
            return k(319, I, (K = q, (r | 0) + (b | 0))), K
        },
        P = function(b, I) {
            if (b.C) return hW(b, b.S);
            return (I = B(8, b, true), I) & 128 && (I ^= 128, b = B(2, b, true), I = (I << 2) + (b | 0)), I
        },
        d, k = function(b, I, K) {
            if (319 == b || 351 == b) I.K[b] ? I.K[b].concat(K) : I.K[b] = Db(I, K);
            else {
                if (I.N && 377 != b) return;
                507 == b || 162 == b || 17 == b || 253 == b || 230 == b ? I.K[b] || (I.K[b] = E1(54, b, I, K)) : I.K[b] = E1(137, b, I, K)
            }
            377 == b && (I.V = B(32, I, false), I.G = void 0)
        },
        Qj = function(b, I, K, O, y) {
            for (y = (I = K = (b = b.replace(/\r\n/g, "\n"), 0), []); I < b.length; I++) O = b.charCodeAt(I), 128 > O ? y[K++] = O : (2048 > O ? y[K++] = O >> 6 | 192 : (55296 == (O & 64512) && I + 1 < b.length && 56320 == (b.charCodeAt(I + 1) & 64512) ? (O = 65536 + ((O & 1023) << 10) + (b.charCodeAt(++I) & 1023), y[K++] = O >> 18 | 240, y[K++] = O >> 12 & 63 | 128) : y[K++] = O >> 12 | 224, y[K++] = O >> 6 & 63 | 128), y[K++] = O & 63 | 128);
            return y
        },
        g = function(b) {
            return b.C ? hW(b, b.S) : B(8, b, true)
        },
        T = function(b, I) {
            for (I = []; b--;) I.push(255 * Math.random() | 0);
            return I
        },
        mj = function(b, I) {
            return (I = g(b), I) & 128 && (I = I & 127 | g(b) << 7), I
        },
        K2 = function(b, I, K, O) {
            return (O = d[b.substring(0, 3) + "_"]) ? O(b.substring(3), I, K) : FO(b, I)
        },
        c = {
            passive: true,
            capture: true
        },
        gl = function(b) {
            return b
        },
        U = function(b, I, K) {
            K = this;
            try {
                JW(this, b, I)
            } catch (O) {
                f(O, this), I(function(y) {
                    y(K.s)
                })
            }
        },
        hW = function(b, I) {
            return (I = I.create().shift(), b.C.create().length || b.S.create().length) || (b.C = void 0, b.S = void 0), I
        },
        kP = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        zJ = [],
        f2 = [],
        $P = ((U.prototype.FY = void 0, U).prototype.T = "toString", U.prototype.CI = false, []),
        W = (U.prototype.eu = void 0, []),
        E = [],
        S = [],
        uo = [],
        D = {},
        F = [],
        p = (((I8, T, XO, function() {})(n2), U.prototype).h = "create", D.constructor),
        Vj = ((a = U.prototype, a.nI = function(b, I, K, O, y, R) {
            for (R = [], K = O = 0; K < b.length; K++)
                for (O += I, y = y << I | b[K]; 7 < O;) O -= 8, R.push(y >> O & 255);
            return R
        }, a).GP = function(b, I, K) {
            return b ^ ((I = (I ^= I << 13, I ^= I >> 17, (I ^ I << 5) & K)) || (I = 1), I)
        }, void 0),
        PW = (((a.D = (a.B = (a.Mm = function() {
            return Math.floor(this.Y + (this.D() - this.X))
        }, a.dt = function() {
            return Math.floor(this.D())
        }, a.Oj = function(b, I, K, O, y) {
            for (y = O = 0; y < b.length; y++) O += b.charCodeAt(y), O += O << 10, O ^= O >> 6;
            return O = (b = (O += O << 3, O ^= O >> 11, O) + (O << 15) >>> 0, new Number(b & (1 << I) - 1)), O[0] = (b >>> I) % K, O
        }, function(b, I, K, O, y) {
            if (K = "array" === R8(K) ? K : [K], this.s) b(this.s);
            else try {
                y = [], O = !this.R.length, l([W, y, K], this), l([E, b, y], this), I && !O || C(I, true, this)
            } catch (R) {
                f(R, this), b(this.s)
            }
        }), (window.performance || {}).now ? function() {
            return this.DP + window.performance.now()
        } : function() {
            return +new Date
        }), U.prototype.u = function(b, I) {
            return Vj = (I = (b = {}, {}), function() {
                    return I == b ? -64 : -17
                }),
                function(K, O, y, R, w, q, N, u, M, H, r, m, L, X, G) {
                    I = (u = I, b);
                    try {
                        if (y = K[0], y == S) {
                            L = K[1];
                            try {
                                for (M = H = (R = (q = atob(L), []), 0); H < q.length; H++) O = q.charCodeAt(H), 255 < O && (R[M++] = O & 255, O >>= 8), R[M++] = O;
                                this.H = R, this.j = this.H.length << 3, k(377, this, [0, 0, 0])
                            } catch (Q) {
                                e(Q, this, 17);
                                return
                            }
                            wl(this, 8001)
                        } else if (y == W) K[1].push(Z(97, this), Z(162, this).length, Z(17, this).length, Z(507, this).length), k(356, this, K[2]), this.K[376] && yj(this, 8001, Z(376, this));
                        else {
                            if (y == E) {
                                (X = (G = v(2, ((H = K[2], Z(507, this)).length | 0) + 2), this).A, this).A = this;
                                try {
                                    w = Z(253, this), 0 < w.length && x(507, this, v(2, w.length).concat(w), 10), x(507, this, v(1, this.L), 109), x(507, this, v(1, this[E].length)), q = 0, N = Z(162, this), q += Z(366, this) & 2047, q -= (Z(507, this).length | 0) + 5, 4 < N.length && (q -= (N.length | 0) + 3), 0 < q && x(507, this, v(2, q).concat(T(q)), 15), 4 < N.length && x(507, this, v(2, N.length).concat(N), 156)
                                } finally {
                                    this.A = X
                                }
                                if (r = ((M = T(2).concat(Z(507, this)), M)[1] = M[0] ^ 6, M[3] = M[1] ^ G[0], M[4] = M[1] ^ G[1], this).sj(M)) r = "!" + r;
                                else
                                    for (q = 0, r = ""; q < M.length; q++) m = M[q][this.T](16), 1 == m.length && (m = "0" + m), r += m;
                                return Z(507, (Z(((k(97, (R = r, this), H.shift()), Z)(162, this).length = H.shift(), 17), this).length = H.shift(), this)).length = H.shift(), R
                            }
                            if (y == zJ) yj(this, K[2], K[1]);
                            else if (y == F) return yj(this, 8001, K[1])
                        }
                    } finally {
                        I = u
                    }
                }
        }(), U.prototype).V2 = 0, U.prototype).sj = function(b, I, K, O) {
            if (I = window.btoa) {
                for (O = (K = 0, ""); K < b.length; K += 8192) O += String.fromCharCode.apply(null, b.slice(K, K + 8192));
                b = I(O).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else b = void 0;
            return b
        }, U.prototype.XY = 0, /./),
        o8, BW = S.pop.bind((U.prototype[f2] = [0, 0, 1, 1, 0, 1, 1], U.prototype[W])),
        xP = (o8 = MO(U.prototype.h, (PW[U.prototype.T] = BW, {get: BW
        })), U.prototype.gt = void 0, function(b, I) {
            return (I = TJ()) && 1 === b.eval(I.createScript("1")) ? function(K) {
                return I.createScript(K)
            } : function(K) {
                return "" + K
            }
        }(z));
    (40 < (d = z.botguard || (z.botguard = {}), d.m) || (d.m = 41, d.bg = O1, d.a = K2), d).LDL_ = function(b, I, K) {
        return [(K = new U(b, I), function(O) {
            return cW(O, K)
        })]
    };
}).call(this);
#2 JavaScript::Eval (size: 22) - SHA256: d8fc182869d21957579c2a09eae263e41ab53e4c30c4ffa96d93584a64eb6f77
0,
function(R) {
    HW(R, 2)
}
#3 JavaScript::Eval (size: 15568) - SHA256: ac67106da7775f013b7cb9730c8cde5cfa186d74c2bff74fe27579bb046366be
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var q = function(b, R) {
            if ((R = (b = K.trustedTypes, null), !b) || !b.createPolicy) return R;
            try {
                R = b.createPolicy("bg", {
                    createHTML: O,
                    createScript: O,
                    createScriptURL: O
                })
            } catch (I) {
                K.console && K.console.error(I.message)
            }
            return R
        },
        K = this || self,
        O = function(b) {
            return b
        };
    (0, eval)(function(b, R) {
        return (R = q()) && 1 === b.eval(R.createScript("1")) ? function(I) {
            return R.createScript(I)
        } : function(I) {
            return "" + I
        }
    }(K)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var z=this||self,bo=function(b,I,K,O){(K=P((O=P(b),b)),x)(K,b,v(I,Z(O,b)))},R8=function(b,I,K){if("object"==(I=typeof b,I))if(b){if(b instanceof Array)return"array";if(b instanceof Object)return I;if("[object Window]"==(K=Object.prototype.toString.call(b),K))return"object";if("[object Array]"==K||"number"==typeof b.length&&"undefined"!=typeof b.splice&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("splice"))return"array";if("[object Function]"==K||"undefined"!=typeof b.call&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==I&&"undefined"==typeof b.call)return"object";return I},Z=function(b,I){if(void 0===(I=I.K[b],I))throw[D,30,b];if(I.value)return I.create();return I.create(1*b*b+-48*b+-64),I.prototype},f=function(b,I){I.s=((I.s?I.s+"~":"E:")+b.message+":"+b.stack).slice(0,2048)},I8=function(b,I){(I.push(b[0]<<24|b[1]<<16|b[2]<<8|b[3]),I.push(b[4]<<24|b[5]<<16|b[6]<<8|b[7]),I).push(b[8]<<24|b[9]<<16|b[10]<<8|b[11])},O1=function(b,I,K,O){function y(){}return{invoke:(O=K2(b,(K=void 0,function(R){y&&(I&&J(I),K=R,y(),y=void 0)}),!!I)[0],function(R,w,q,N){function u(){K(function(M){J(function(){R(M)})},q)}if(!w)return w=O(q),R&&R(w),w;K?u():(N=y,y=function(){(N(),J)(u)})})}},yj=function(b,I,K,O){return Z(356,(k(319,(wl(b,(O=Z(319,b),b.H&&O<b.j?(k(319,b,b.j),qO(b,K)):k(319,b,K),I)),b),O),b))},A=function(b,I,K,O,y,R,w,q,N){if(O.L+=((w=(y=(N=(R=(q=(K||O.i++,0<O.P&&O.I)&&O.KI&&1>=O.v&&!O.C&&!O.g&&(!K||1<O.Z-b)&&0==document.hidden,4==O.i))||q?O.D():O.F,N-O.F),y>>14),O.V)&&(O.V^=w*(y<<2)),O.A=w||O.A,w),R||q)O.F=N,O.i=0;if(!q||N-O.X<O.P-(I?255:K?5:2))return false;return(k((I=Z((O.Z=b,K?351:319),O),319),O,O.j),O.R).push([zJ,I,K?b+1:b]),O.g=J,true},io=function(b,I){return I[b]<<24|I[(b|0)+1]<<16|I[(b|0)+2]<<8|I[(b|0)+3]},qO=function(b,I){k(319,((b.rt.push(b.K.slice()),b).K[319]=void 0,b),I)},V=function(b,I,K){I[k(K,b,I),uo]=2796},JW=function(b,I,K,O,y){for((b.pI=MO(b.h,((b.kG=(b.fI=b[E],o8),b).Q2=PW,{get:function(){return this.concat()}})),b).ju=p[b.h](b.pI,{value:{value:{}}}),y=[],O=0;128>O;O++)y[O]=String.fromCharCode(O);C(true,true,(l(((l([(V(b,(V(b,function(R,w){(w=Z(P(R),R),qO)(R.A,w)},(V(b,function(R,w,q,N){k((w=g((N=P(R),R)),q=P(R),q),R,Z(N,R)>>>w)},(k(97,(V((V(b,(k(230,b,(V(b,(b.uf=(k((k(162,b,(V(b,function(R,w,q,N){(N=Z((w=(q=(w=P(R),N=P(R),P(R)),Z)(w,R),N),R),k)(q,R,+(w==N))},(V(b,(V((V(b,(V(b,(V(b,(V(b,function(R){bo(R,1)},(k(17,((V(b,(b.HZ=(V(b,function(R,w){R=(w=P(R),Z(w,R.A)),R[0].removeEventListener(R[1],R[2],c)},(k(507,b,(V(b,function(R,w,q,N,u,M,H){for(u=(q=Z(92,(w=(H=mj((N=P(R),R)),""),R)),q.length),M=0;H--;)M=((M|0)+(mj(R)|0))%u,w+=y[q[M]];k(N,R,w)},((V(b,((V((k((k(366,(k(356,b,(V(b,(V(b,(V(b,(V((k(182,(k(305,(k((b.Su=(V(b,(V(b,function(R,w,q){A(w,false,true,R)||(w=P(R),q=P(R),k(q,R,function(N){return eval(N)}(xP(Z(w,R.A)))))},(V(b,function(R){HW(R,4)},(k((b.s=(b.DP=(b.L=1,b.G=void 0,b.rt=[],b.KI=false,(b.W=void 0,b.Y=0,b.X=(b.o=(b.A=b,[]),b.l=(b.v=0,O=(b.g=null,b.j=0,(b.S=(b.N=false,void 0),b.wt=0,window).performance)||{},(b.P=0,b).I=!(b.Z=8001,1),b.H=[],[]),(b.i=void 0,b.U=25,b.C=void 0,b.R=[],(b.V=void 0,b).RQ=function(R){this.A=R},b).K=[],0),(b.F=0,O).timeOrigin||(O.timing||{}).navigationStart)||0),void 0),319),b,0),k(351,b,0),475)),168)),function(R,w,q){0!=(q=Z((w=P(R),q=P(R),q),R),Z(w,R))&&k(319,R,q)}),342),0),253),b,[]),b),b),b),0),b),function(R){bo(R,4)},267),function(R,w,q,N,u){(q=(u=Z((w=Z((u=P((q=(N=(w=P(R),P)(R),P)(R),R)),w),R.A),u),R),N=Z(N,R),Z)(q,R),0)!==w&&(q=vW(1,R,u,q,w,N),w.addEventListener(N,q,c),k(182,R,[w,N,q]))}),261),function(R,w,q,N,u){(w=(q=P((N=(u=P(R),P)(R),R)),P(R)),q=Z(q,R),w=Z(w,R),N=Z(N,R),k)(u,R,vW(w,R,q,N))}),222),function(R,w,q,N){(w=P((N=(q=P(R),P)(R),R)),k)(w,R,Z(q,R)||Z(N,R))}),381),{})),b),0),270),b,z),b),function(R){Zb(R,3)},395),V)(b,function(R,w,q){k((q=Z((w=P((q=P(R),R)),q),R),q=R8(q),w),R,q)},405),function(R,w,q,N){!A(w,false,true,R)&&(w=rl(R),q=w.J,N=w.AN,R.A==R||q==R.RQ&&N==R)&&(k(w.aQ,R,q.apply(N,w.O)),R.F=R.D())}),234),V)(b,function(R){Zb(R,4)},203),335)),[160,0,0])),206)),0),function(){}),503),V)(b,function(R,w,q,N,u,M,H,r,m,L,X,G){function Q(n,h){for(;q<n;)G|=g(R)<<q,q+=8;return h=G&(1<<n)-1,q-=n,G>>=n,h}for(X=(L=(q=G=(M=P(R),0),(Q(3)|0)+1),u=Q(5),N=0),m=[];N<u;N++)H=Q(1),m.push(H),X+=H?0:1;for(X=(w=(N=((X|0)-1).toString(2).length,[]),0);X<u;X++)m[X]||(w[X]=Q(N));for(N=0;N<u;N++)m[N]&&(w[N]=P(R));for(r=[];L--;)r.push(Z(P(R),R));V(R,function(n,h,Y,NO,t){for(h=(NO=[],0),Y=[];h<u;h++){if(t=w[h],!m[h]){for(;t>=Y.length;)Y.push(P(n));t=Y[t]}NO.push(t)}n.S=Db(n,(n.C=Db(n,r.slice()),NO))},M)},94),b),[]),367)),function(R,w,q,N){(N=Z((q=Z((w=(q=P(R),P)(R),q),R),w),R),k)(w,R,N+q)}),58),function(R,w,q,N,u,M){if(!A(w,true,true,R)){if("object"==R8((R=Z((M=(w=(M=(q=(w=(N=P(R),P)(R),P(R)),P(R)),Z)(w,R),Z)(M,R),q=Z(q,R),N),R),R))){for(u in N=[],R)N.push(u);R=N}for(N=(u=(q=0<q?q:1,0),R).length;u<N;u+=q)w(R.slice(u,(u|0)+(q|0)),M)}}),341),function(R,w,q,N){if(w=R.rt.pop()){for(q=g(R);0<q;q--)N=P(R),w[N]=R.K[N];R.K=(w[253]=R.K[253],w[97]=R.K[97],w)}else k(319,R,R.j)}),327),b),function(R,w,q){w=P(R),q=P(R),k(q,R,""+Z(w,R))},455),function(R,w,q,N,u){for(q=(u=P(R),w=mj(R),N=[],0);q<w;q++)N.push(g(R));k(u,R,N)}),34),117)),T)(4)),205),b,524),0),function(R,w,q,N){N=(w=P((q=(N=P(R),P(R)),R)),Z(N,R)),q=Z(q,R),k(w,R,N in q|0)}),79),[0,0,0])),function(R,w,q,N,u){(q=(u=(N=P(R),P(R)),P)(R),R).A==R&&(q=Z(q,R),w=Z(N,R),u=Z(u,R),w[u]=q,377==N&&(R.G=void 0,2==u&&(R.V=B(32,R,false),R.G=void 0)))}),474),b),function(R,w,q,N,u,M){A(w,false,true,R)||(N=rl(R.A),w=N.AN,M=N.O,q=N.J,u=M.length,N=N.aQ,w=0==u?new w[q]:1==u?new w[q](M[0]):2==u?new w[q](M[0],M[1]):3==u?new w[q](M[0],M[1],M[2]):4==u?new w[q](M[0],M[1],M[2],M[3]):2(),k(N,R,w))},317),b),2048),89)),473)),function(R,w,q,N){k((N=(q=Z((w=P((N=(q=P(R),P(R)),R)),q),R),Z(N,R)),w),R,q[N])}),380),uo)],b),l)([S,I],b),[f2,K]),b),b))},l=function(b,I){I.R.splice(0,0,b)},XO=function(b,I,K,O){try{O=b[((I|0)+2)%3],b[I]=(b[I]|0)-(b[((I|0)+1)%3]|0)-(O|0)^(1==I?O<<K:O>>>K)}catch(y){throw y;}},n2=function(b,I,K){if(3==b.length){for(K=0;3>K;K++)I[K]+=b[K];for(b=[13,8,13,12,16,5,3,10,15],K=0;9>K;K++)I[3](I,K%3,b[K])}},GJ=function(b,I,K,O,y){for(y=(K=K[3]|(O=K[2]|0,0),0);14>y;y++)I=I>>>8|I<<24,I+=b|0,K=K>>>8|K<<24,b=b<<3|b>>>29,I^=O+2298,K+=O|0,K^=y+2298,b^=I,O=O<<3|O>>>29,O^=K;return[b>>>24&255,b>>>16&255,b>>>8&255,b>>>0&255,I>>>24&255,I>>>16&255,I>>>8&255,I>>>0&255]},v=function(b,I,K,O){for(K=(b|0)-1,O=[];0<=K;K--)O[(b|0)-1-(K|0)]=I>>8*K&255;return O},wl=function(b,I,K,O,y,R){if(!b.s){b.v++;try{for(R=(y=(K=b.j,void 0),0);--I;)try{if((O=void 0,b).C)y=hW(b,b.C);else{if(R=Z(319,b),R>=K)break;O=P((k(351,b,R),b)),y=Z(O,b)}A((y&&y[$P]&2048?y(b,I):e([D,21,O],b,0),I),false,false,b)}catch(w){Z(205,b)?e(w,b,22):k(205,b,w)}if(!I){if(b.CI){b.v--,wl(b,216630971487);return}e([D,33],b,0)}}catch(w){try{e(w,b,22)}catch(q){f(q,b)}}b.v--}},rl=function(b,I,K,O,y,R){for(R=(K=((O=(I=b[kP]||{},P(b)),I.aQ=P(b),I).O=[],b.A==b?(g(b)|0)-1:1),P(b)),y=0;y<K;y++)I.O.push(P(b));for(;K--;)I.O[K]=Z(I.O[K],b);return(I.J=Z(O,b),I).AN=Z(R,b),I},vW=function(b,I,K,O,y,R){function w(){if(I.A==I){if(I.K){var q=[F,O,K,void 0,y,R,arguments];if(2==b)var N=C(false,false,(l(q,I),I));else if(1==b){var u=!I.R.length;(l(q,I),u)&&C(false,false,I)}else N=AW(I,q);return N}y&&R&&y.removeEventListener(R,w,c)}}return w},E1=function(b,I,K,O,y,R,w,q){return O=[-9,-48,48,29,-71,-79,O,-95,27,81],R=Vj,q=b&7,y=p[K.h](K.pI),y[K.h]=function(N){q+=(w=N,6+7*b),q&=7},y.concat=function(N){return(w=(N=(N=-46*I*I*w- -2208*I*w+(N=I%16+1,1*I*I*N)+q+46*w*w+O[q+27&7]*I*N- -2944*w+(R()|0)*N-N*w,O)[N],void 0),O[(q+21&7)+(b&2)]=N,O)[q+(b&2)]=-48,N},y},C=function(b,I,K,O,y,R){if(K.R.length){K.I=(K.KI=(K.I&&0(),b),true);try{y=K.D(),K.F=y,K.X=y,K.i=0,O=p2(b,K),R=K.D()-K.X,K.Y+=R,R<(I?0:10)||0>=K.U--||(R=Math.floor(R),K.o.push(254>=R?R:254))}finally{K.I=false}return O}},J=z.requestIdleCallback?function(b){requestIdleCallback(function(){b()},{timeout:4})}:z.setImmediate?function(b){setImmediate(b)}:function(b){setTimeout(b,0)},e=function(b,I,K,O,y,R){if(!I.N){if((b=(K=(0==(R=Z(253,((O=void 0,b)&&b[0]===D&&(O=b[2],K=b[1],b=void 0),I)),R).length&&(y=Z(351,I)>>3,R.push(K,y>>8&255,y&255),void 0!=O&&R.push(O&255)),""),b&&(b.message&&(K+=b.message),b.stack&&(K+=":"+b.stack)),Z)(97,I),3)<b){I.A=(K=(b-=(K=K.slice(0,(b|0)-3),(K.length|0)+3),Qj)(K),O=I.A,I);try{x(162,I,v(2,K.length).concat(K),9)}finally{I.A=O}}k(97,I,b)}},HW=function(b,I,K,O){for(K=(O=P(b),0);0<I;I--)K=K<<8|g(b);k(O,b,K)},FO=function(b,I){return I(function(K){K(b)}),[function(){return b}]},cW=function(b,I,K){return I.B(function(O){K=O},false,b),K},x=function(b,I,K,O,y,R){if(I.A==I)for(R=Z(b,I),162==b?(b=function(w,q,N,u){if((u=(q=R.length,(q|0)-4>>3),R.hN)!=u){u=(u<<(N=[0,0,y[R.hN=u,1],y[2]],3))-4;try{R.bf=GJ(io(u,R),io((u|0)+4,R),N)}catch(M){throw M;}}R.push(R.bf[q&7]^w)},y=Z(230,I)):b=function(w){R.push(w)},O&&b(O&255),I=K.length,O=0;O<I;O++)b(K[O])},TJ=function(b,I){if((I=(b=null,z).trustedTypes,!I)||!I.createPolicy)return b;try{b=I.createPolicy("bg",{createHTML:gl,createScript:gl,createScriptURL:gl})}catch(K){z.console&&z.console.error(K.message)}return b},p2=function(b,I,K,O){for(;I.R.length;){K=(I.g=null,I).R.pop();try{O=AW(I,K)}catch(y){f(y,I)}if(b&&I.g){b=I.g,b(function(){C(true,true,I)});break}}return O},AW=function(b,I,K,O,y){if(O=I[0],O==W)b.U=25,b.u(I);else if(O==E){K=I[1];try{y=b.s||b.u(I)}catch(R){f(R,b),y=b.s}K(y)}else if(O==zJ)b.u(I);else if(O==S)b.u(I);else if(O==f2){try{for(y=0;y<b.l.length;y++)try{K=b.l[y],K[0][K[1]](K[2])}catch(R){}}catch(R){}(0,I[b.l=[],1])(function(R,w){b.B(R,true,w)},function(R){l([$P],(R=!b.R.length,b)),R&&C(true,false,b)})}else{if(O==F)return y=I[2],k(332,b,I[6]),k(356,b,y),b.u(I);O==$P?(b.H=[],b.K=null,b.o=[]):O==uo&&"loading"===z.document.readyState&&(b.g=function(R,w){function q(){w||(w=true,R())}z.document.addEventListener("DOMContentLoaded",q,(w=false,c)),z.addEventListener("load",q,c)})}},MO=function(b,I){return p[b](p.prototype,{pop:I,call:I,splice:I,document:I,replace:I,prototype:I,length:I,propertyIsEnumerable:I,floor:I,console:I,parent:I,stack:I})},Db=function(b,I,K){return K=p[b.h](b.ju),K[b.h]=function(){return I},K.concat=function(O){I=O},K},a,Zb=function(b,I,K,O,y){(((y=(K=P((I&=(O=I&3,4),y=P(b),b)),Z)(y,b),I)&&(y=Qj(""+y)),O)&&x(K,b,v(2,y.length)),x)(K,b,y)},B=function(b,I,K,O,y,R,w,q,N,u,M,H,r,m){if((r=Z(319,I),r)>=I.j)throw[D,31];for(w=r,u=(H=I.fI.length,b),q=0;0<u;)M=w%8,R=8-(M|0),N=w>>3,R=R<u?R:u,O=I.H[N],K&&(y=I,y.G!=w>>6&&(y.G=w>>6,m=Z(377,y),y.W=GJ(y.V,y.G,[0,0,m[1],m[2]])),O^=I.W[N&H]),q|=(O>>8-(M|0)-(R|0)&(1<<R)-1)<<(u|0)-(R|0),w+=R,u-=R;return k(319,I,(K=q,(r|0)+(b|0))),K},P=function(b,I){if(b.C)return hW(b,b.S);return(I=B(8,b,true),I)&128&&(I^=128,b=B(2,b,true),I=(I<<2)+(b|0)),I},d,k=function(b,I,K){if(319==b||351==b)I.K[b]?I.K[b].concat(K):I.K[b]=Db(I,K);else{if(I.N&&377!=b)return;507==b||162==b||17==b||253==b||230==b?I.K[b]||(I.K[b]=E1(54,b,I,K)):I.K[b]=E1(137,b,I,K)}377==b&&(I.V=B(32,I,false),I.G=void 0)},Qj=function(b,I,K,O,y){for(y=(I=K=(b=b.replace(/\\r\\n/g,"\\n"),0),[]);I<b.length;I++)O=b.charCodeAt(I),128>O?y[K++]=O:(2048>O?y[K++]=O>>6|192:(55296==(O&64512)&&I+1<b.length&&56320==(b.charCodeAt(I+1)&64512)?(O=65536+((O&1023)<<10)+(b.charCodeAt(++I)&1023),y[K++]=O>>18|240,y[K++]=O>>12&63|128):y[K++]=O>>12|224,y[K++]=O>>6&63|128),y[K++]=O&63|128);return y},g=function(b){return b.C?hW(b,b.S):B(8,b,true)},T=function(b,I){for(I=[];b--;)I.push(255*Math.random()|0);return I},mj=function(b,I){return(I=g(b),I)&128&&(I=I&127|g(b)<<7),I},K2=function(b,I,K,O){return(O=d[b.substring(0,3)+"_"])?O(b.substring(3),I,K):FO(b,I)},c={passive:true,capture:true},gl=function(b){return b},U=function(b,I,K){K=this;try{JW(this,b,I)}catch(O){f(O,this),I(function(y){y(K.s)})}},hW=function(b,I){return(I=I.create().shift(),b.C.create().length||b.S.create().length)||(b.C=void 0,b.S=void 0),I},kP=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),zJ=[],f2=[],$P=((U.prototype.FY=void 0,U).prototype.T="toString",U.prototype.CI=false,[]),W=(U.prototype.eu=void 0,[]),E=[],S=[],uo=[],D={},F=[],p=(((I8,T,XO,function(){})(n2),U.prototype).h="create",D.constructor),Vj=((a=U.prototype,a.nI=function(b,I,K,O,y,R){for(R=[],K=O=0;K<b.length;K++)for(O+=I,y=y<<I|b[K];7<O;)O-=8,R.push(y>>O&255);return R},a).GP=function(b,I,K){return b^((I=(I^=I<<13,I^=I>>17,(I^I<<5)&K))||(I=1),I)},void 0),PW=(((a.D=(a.B=(a.Mm=function(){return Math.floor(this.Y+(this.D()-this.X))},a.dt=function(){return Math.floor(this.D())},a.Oj=function(b,I,K,O,y){for(y=O=0;y<b.length;y++)O+=b.charCodeAt(y),O+=O<<10,O^=O>>6;return O=(b=(O+=O<<3,O^=O>>11,O)+(O<<15)>>>0,new Number(b&(1<<I)-1)),O[0]=(b>>>I)%K,O},function(b,I,K,O,y){if(K="array"===R8(K)?K:[K],this.s)b(this.s);else try{y=[],O=!this.R.length,l([W,y,K],this),l([E,b,y],this),I&&!O||C(I,true,this)}catch(R){f(R,this),b(this.s)}}),(window.performance||{}).now?function(){return this.DP+window.performance.now()}:function(){return+new Date}),U.prototype.u=function(b,I){return Vj=(I=(b={},{}),function(){return I==b?-64:-17}),function(K,O,y,R,w,q,N,u,M,H,r,m,L,X,G){I=(u=I,b);try{if(y=K[0],y==S){L=K[1];try{for(M=H=(R=(q=atob(L),[]),0);H<q.length;H++)O=q.charCodeAt(H),255<O&&(R[M++]=O&255,O>>=8),R[M++]=O;this.H=R,this.j=this.H.length<<3,k(377,this,[0,0,0])}catch(Q){e(Q,this,17);return}wl(this,8001)}else if(y==W)K[1].push(Z(97,this),Z(162,this).length,Z(17,this).length,Z(507,this).length),k(356,this,K[2]),this.K[376]&&yj(this,8001,Z(376,this));else{if(y==E){(X=(G=v(2,((H=K[2],Z(507,this)).length|0)+2),this).A,this).A=this;try{w=Z(253,this),0<w.length&&x(507,this,v(2,w.length).concat(w),10),x(507,this,v(1,this.L),109),x(507,this,v(1,this[E].length)),q=0,N=Z(162,this),q+=Z(366,this)&2047,q-=(Z(507,this).length|0)+5,4<N.length&&(q-=(N.length|0)+3),0<q&&x(507,this,v(2,q).concat(T(q)),15),4<N.length&&x(507,this,v(2,N.length).concat(N),156)}finally{this.A=X}if(r=((M=T(2).concat(Z(507,this)),M)[1]=M[0]^6,M[3]=M[1]^G[0],M[4]=M[1]^G[1],this).sj(M))r="!"+r;else for(q=0,r="";q<M.length;q++)m=M[q][this.T](16),1==m.length&&(m="0"+m),r+=m;return Z(507,(Z(((k(97,(R=r,this),H.shift()),Z)(162,this).length=H.shift(),17),this).length=H.shift(),this)).length=H.shift(),R}if(y==zJ)yj(this,K[2],K[1]);else if(y==F)return yj(this,8001,K[1])}}finally{I=u}}}(),U.prototype).V2=0,U.prototype).sj=function(b,I,K,O){if(I=window.btoa){for(O=(K=0,"");K<b.length;K+=8192)O+=String.fromCharCode.apply(null,b.slice(K,K+8192));b=I(O).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else b=void 0;return b},U.prototype.XY=0,/./),o8,BW=S.pop.bind((U.prototype[f2]=[0,0,1,1,0,1,1],U.prototype[W])),xP=(o8=MO(U.prototype.h,(PW[U.prototype.T]=BW,{get:BW})),U.prototype.gt=void 0,function(b,I){return(I=TJ())&&1===b.eval(I.createScript("1"))?function(K){return I.createScript(K)}:function(K){return""+K}}(z));(40<(d=z.botguard||(z.botguard={}),d.m)||(d.m=41,d.bg=O1,d.a=K2),d).LDL_=function(b,I,K){return[(K=new U(b,I),function(O){return cW(O,K)})]};}).call(this);'));
}).call(this);
#4 JavaScript::Eval (size: 22) - SHA256: c4e7ca158015332be1df536c970a209b44cb4744fae720ed1caaefdc87f37f93
0,
function(R) {
    HW(R, 1)
}
#5 JavaScript::Eval (size: 64) - SHA256: 14ed98b8b82987bce49c9e6a0f9b620434ec92ad83e9815037257823fe34071e
0,
function(R, w, q) {
    k((q = (w = (q = P(R), P(R)), R).K[q] && Z(q, R), w), R, q)
}

Executed Writes (3)
#1 JavaScript::Write (size: 152) - SHA256: 6887ab5beb82890d571c8f7c9d474bde94d3912e2b59247bab0fe77d408a026a
< div id = "mainadsdv"
style = "width: 0;height: 0;position: fixed;right: 0px;top: 0px;z-index: 2147483647;margin: 0px;padding: 0px;background: none;" > < /div>
#2 JavaScript::Write (size: 53) - SHA256: 37a501882a0902006f66875d8c34b20dc0cfaf846db08515f5a9bf876db235bf
< input type = "hidden"
name = "sos"
value = "2542563600" / >
#3 JavaScript::Write (size: 344) - SHA256: be90e5b42a6fd1e291a57bc22a8218134a29cbe7bde1bf0a753a19e6146de5b1
< object allowScriptAccess = "always"
type = "application/x-shockwave-flash"
width = "187"
height = "300"
data = "/.s/flash/tagcloud.swf?tcolor=0xFFFFFF&hicolor=0xFFFFFF" > < param name = "movie"
value = "/.s/flash/tagcloud.swf?tcolor=0xFFFFFF&hicolor=0xFFFFFF" / > < param name = "allowScriptAccess"
value = "always" / > < param name = "wmode"
value = "transparent" / > < /object>


HTTP Transactions (172)


Request Response
                                        
                                            GET /news/ljubovniki_po_nasledstvu/2010-02-16-67 HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         195.216.243.180
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14771
Expires: Fri, 25 Nov 2022 08:41:46 GMT
Date: Fri, 25 Nov 2022 04:35:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5462
Cache-Control: max-age=113198
Date: Fri, 25 Nov 2022 04:35:35 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:02:13 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 04:17:24 GMT
cache-control: public,max-age=3600
age: 1091
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8138
Expires: Fri, 25 Nov 2022 06:51:13 GMT
Date: Fri, 25 Nov 2022 04:35:35 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: GbQSV0jg1DdcuFgOfmC50V/x5GvCIRtoTy6NR0TmpldViYl8JX0clyggLEukiX/Qm892lo3v1rE=
x-amz-request-id: FG4W2XGC2BP8WVF1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 03:40:39 GMT
age: 3296
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 04:35:35 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /news/ljubovniki_po_nasledstvu/2010-02-16-67 HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 7bookbestuCoz=; path=/; expires=Wed, 25-Nov-2020 04:35:38 GMT; Secure; HttpOnly; domain=.bookbest.moy.su 7bookbestnw=QwAaRoBj; path=/; expires=Sat, 25-Nov-2023 04:35:38 GMT; Secure; domain=.bookbest.moy.su 7bookbestuzll=1669350938; path=/; expires=Sat, 25-Nov-2023 04:35:38 GMT; Secure; domain=.bookbest.moy.su ucvid=w1I2q0Mzel; domain=moy.su; path=/; expires=Sat, 25-Nov-2023 04:35:38 GMT 7bookbestpushi=1; path=/; expires=Sat, 26-Nov-2022 03:35:38 GMT; Secure
Pragma: no-cache
Vary: host
Last-Modified: Fri, 25 Nov 2022 04:35:32 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3440)
Size:   13812
Md5:    55a4d46c35fe277b9241cb5be91f239f
Sha1:   5e807a3a3461c150f35637605bd1b93c6ee581e0
Sha256: 18c026b471235f49cf1c3bb50aee442571e9c4865ad8c7325f8689a40ecd3085

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /?uZJ20u1XHhyBllBBae%21LJppTDKDfXOMJ%5ESld23dQzGFThEfJmb%5E6SDAOxGjn7PfhljJ4N6M3XUDFm4BMucRxihnyflYe%21SnL5gbN3rkrSsz2i2MnRCTvy5CMZvvnrTb5Ph5L5f3jx7PZQNrOrQhM48if9FkCIW5R%3BLQQx%21xOl3LzP1GUj0uWLL6Ue1qsUHFDWcsRhrpmpmhy27suvI3aWz0o HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache


--- Additional Info ---
Magic:  ASCII text
Size:   1151
Md5:    ea7ce4b69bb9878f63f87cbdf67820f9
Sha1:   a2bb7867bee3d1dd300e40d9fa4aff8dfe1d9eb7
Sha256: 52812e3b5366d44110a59eb4d7f1b8c8e09ee2ee7bf806b89b29b4eb21df0821

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4552), with no line terminators
Size:   1359
Md5:    9c03edbcbefe3eea8902981444de96f7
Sha1:   ca39997a1765ab084fb7e6740858176b9385c4ca
Sha256: 8487aa6ee4bd261bdf1f5b681cf96d347cd980ed45183c5a2a9571db6c891a08
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /.s/src/social.css HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Last-Modified: Wed, 01 Dec 2021 11:13:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"61a758f3-9b8"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (442)
Size:   610
Md5:    af855dcd18719bcf0da15a9029755af1
Sha1:   d74d0ed8d96f2ebe46a7671564bf80eea6865103
Sha256: 9add1a323772a7c09260b63a21732472cb0204105c1d2bee763ea1429f0e26e9
                                        
                                            GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Fri, 25 Nov 2022 04:35:36 GMT
date: Fri, 25 Nov 2022 04:35:36 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (905), with no line terminators
Size:   579
Md5:    fe0e23ea2d335147e24f50690aa39c7c
Sha1:   ef74d6655ba8efb294f7ed55e6be16d315381edd
Sha256: fcccb37edb611bf2580bf74646d25e4fb3660d305c66de3c8571bedfc2dac228
                                        
                                            GET /.s/src/base.min.css HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Last-Modified: Tue, 11 Oct 2022 13:44:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"63457350-5f7b"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (24443), with no line terminators
Size:   6143
Md5:    629527310ba26cfc236c016e14662321
Sha1:   7a87daed5934db9729f12653e67c8de9d4365d58
Sha256: 134e836199a74c0b501c4e1a46dd3625f4696dc608d1052136ee455c2c2d2509
                                        
                                            GET /?y2j573q99VIB0Y%5EjavXeuWO5CvJy03lSeIXTM%3B8nb%5EjygjSCXJYn87bIFDFMFh9XRkNyPmjsVdbpkbgmzb1EwD1aez2C5QaTLTWi48fIZk8LaCGWBy5ZW3P%5ET6B3f2a9pHwQugzn3%3B1XH8vbzWfJvL3vcfQOvdWQ8052OHMWCrda1RJGZBZjjsV0XnzKisWXGUUrf58%21cM5%21mpECPn8%21uB9UUwoo HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache


--- Additional Info ---
Magic:  ASCII text
Size:   811
Md5:    4a33e7cd7558f3f5a86d0fc27aee8c90
Sha1:   50fc0ad44d3917690997ca278091e53d0d575362
Sha256: d6304d22c2821d367e3697cb9fa4e6dbeb093b8634fccd35312664d30d72b330

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /.s/src/layer7.min.css HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Last-Modified: Thu, 24 Mar 2022 08:18:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"623c2953-63fc"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (25596), with no line terminators
Size:   7066
Md5:    3c1935984757d00f76ff96d9829e2f6d
Sha1:   7dd11a9eb28ccb100f044ed513c077820689ccd5
Sha256: a1c0d21bfbcfb164e9029fa989f63926eba780cc6e780322ebdf88040c45ec1a
                                        
                                            GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-5713"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (22291), with no line terminators
Size:   7632
Md5:    3bb3aaa5262067cec461b32298975b05
Sha1:   4e11bfe49cd05fcdbd1e692fc87788da07e62161
Sha256: 61fa91bb508bfda7ee487ffaf0e38aa71cfab1ce78bb108d6c6140dc9b35ab22

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /widget/?44;187|300|1 HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: private
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (347)
Size:   462
Md5:    ba3c41a6b7538c0ecfdffa1cc0f3da81
Sha1:   565386dd26f9a3145e600569a97898b740da0f08
Sha256: adfc7183deffa6e4c51916693cf44b233c0c2183b1ed33ed6774cbadfa4c8ee5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /.s/src/jquery-3.6.0.min.js HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Last-Modified: Thu, 01 Sep 2022 17:44:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef65-15d9d"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30947
Md5:    08df9f54c9e2e91db3aadc1baff368a5
Sha1:   a8e6c9343489d3c36cf262a10f59d22540248c49
Sha256: 417453d1fcaba01d9543b7649fc12ee865e118714d5f86a8316216e9bb4fdd20

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.235460457033099 HTTP/1.1 
Host: s39.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15

                                        
                                            GET /src/css/391.css HTTP/1.1 
Host: s39.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Last-Modified: Thu, 01 Sep 2022 17:44:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef67-3d03"
Expires: Mon, 05 Dec 2022 04:35:38 GMT
Cache-Control: max-age=864000
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   3333
Md5:    52b25cf92bece12fe84f38fb75490182
Sha1:   2753bd3926ecb6206bf572ce9adac4ddce0c6062
Sha256: 0197642ffb4de6ebc22c87aaf09ffb7929e568c52e9f1ae813b9cabee65180f9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 1465
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /loader.js HTTP/1.1 
Host: news.2xclick.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         93.95.100.117
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Fri, 25 Nov 2022 04:35:36 GMT
Content-Length: 28651
Last-Modified: Thu, 24 Nov 2022 08:43:27 GMT
Connection: keep-alive
ETag: "637f2eaf-6feb"
Content-Encoding: gzip
Expires: Sat, 26 Nov 2022 04:35:36 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Set-Cookie: uid=XV9kdWOARhhuswZ0wICsAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; secure; SameSite=none
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (649)
Size:   28651
Md5:    d412dfde8b3c9b4594486933fe691fd5
Sha1:   9e933308f7ff26c90b3328ce1cca980febbfcc96
Sha256: 7b7b3e5e5db4c0be1af13951310ef2695d18b29c7eaa10ab07929db429d97c08
                                        
                                            GET /.s/src/uwnd.min.js HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   56796
Md5:    20adfead3a54ad11599adb1bab3d6fc6
Sha1:   23bb516448d5c643cb186ad9aec426388aa79dfd
Sha256: b49b11429b509cf608a66bbcebc13cf63fa444b998c1a678d1bebfe33f7c2ff4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /.s/t/391/12.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 5234
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-1472"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 584x39, components 3\012- data
Size:   5234
Md5:    d15c784f083de55303da69f38b22725f
Sha1:   6b36fc9c63b1abd64659a7263b6740ccf3178a75
Sha256: 4d86d7e330caca254a573b8d495565b0bcc08c291bb6b3144def01be5c8e3c0c
                                        
                                            GET /.s/t/391/2.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 5997
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-176d"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 243x52, components 3\012- data
Size:   5997
Md5:    905c63d8db738e737aaac1cdede28f44
Sha1:   0d1db52b402d960d3d138477c0631b33b43e5a5c
Sha256: 995ad5aac3a8c9693c0ff6ddf23fa70c45c404c7044a17455984673f4f4d7572
                                        
                                            GET /.s/t/391/10.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 2390
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-956"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 85x47, components 3\012- data
Size:   2390
Md5:    5c6e00d11f4d99ab4a8ffc646e408f5d
Sha1:   f40655ed4f1772bdbd39419b466e617e4dcc4961
Sha256: d2b5c06538e5c7fef2c35253b304a2ef625c721b53c5373afea363c53851ef2c
                                        
                                            GET /_nw/0/25334825.jpeg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 6631
Last-Modified: Sun, 24 Jan 2010 10:59:32 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5c2814-19e7"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 180x206, components 3\012- data
Size:   6631
Md5:    4c05f00bebe423364aabbc7071394622
Sha1:   639ad4b5c30f4437c73f0d63cd220d6246e6185b
Sha256: 6fdc7f71b6a04f113d48fc2136d0e981214e6a0199efa9a9c997518508fb22ba

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /IIPoqpuJIb/noavatar.png HTTP/1.1 
Host: www.dom-cs.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         193.109.247.16
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.8.0
Date: Fri, 25 Nov 2022 04:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Size:   2656
Md5:    7d61f3d2524ddb2261ce5294fcffacd9
Sha1:   9215626f645f1310a7ade9e639b3694377b4e945
Sha256: de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
                                        
                                            GET /IIPoqpuJIb/User.png HTTP/1.1 
Host: www.dom-cs.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         193.109.247.16
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.8.0
Date: Fri, 25 Nov 2022 04:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Size:   2656
Md5:    7d61f3d2524ddb2261ce5294fcffacd9
Sha1:   9215626f645f1310a7ade9e639b3694377b4e945
Sha256: de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
                                        
                                            GET /IIPoqpuJIb/Sys.png HTTP/1.1 
Host: www.dom-cs.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         193.109.247.16
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.8.0
Date: Fri, 25 Nov 2022 04:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Size:   2656
Md5:    7d61f3d2524ddb2261ce5294fcffacd9
Sha1:   9215626f645f1310a7ade9e639b3694377b4e945
Sha256: de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
                                        
                                            GET /IIPoqpuJIb/Shutdown.png HTTP/1.1 
Host: www.dom-cs.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         193.109.247.16
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.8.0
Date: Fri, 25 Nov 2022 04:35:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Size:   2656
Md5:    7d61f3d2524ddb2261ce5294fcffacd9
Sha1:   9215626f645f1310a7ade9e639b3694377b4e945
Sha256: de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
                                        
                                            GET /.s/t/391/4.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 2674
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-a72"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 85x52, components 3\012- data
Size:   2674
Md5:    67f02e17f659da8d123bbfbf8da9ffa5
Sha1:   409105f11bd7bf14d3302c75623ac48f94ea7238
Sha256: 47e60cb92fd6f60ee3a845844d4d3851c474e9e2ecdb07bd9c93637cbde55301
                                        
                                            GET /.s/t/391/8.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1361
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-551"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 85x44, components 3\012- data
Size:   1361
Md5:    f803d7998f68c346ddb944ac3fe225a5
Sha1:   c9ea8f54f1d2f4c3fca9cf5665b3a6572253ff80
Sha256: 5b70223b14223a96ce3178d255f8c2d5d8e94d6566d88e8d3809d1f3a05f4642
                                        
                                            GET /.s/t/391/21.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1134
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-46e"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 35 x 36\012- data
Size:   1134
Md5:    006ca33d48abc4b4e7206d2fd4d101a6
Sha1:   6c097ac43ccaa5de05be63694df85536e88db536
Sha256: 932ef7e44a591e174b56d1658fd1da34693804a81b72c99fce5ec481402a48f1
                                        
                                            GET /_nw/0/81715957.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 16031
Last-Modified: Wed, 17 Feb 2010 08:33:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b7ba9ef-3e9f"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x300, components 3\012- data
Size:   16031
Md5:    ee69377e1846991c3c675f6de246b08a
Sha1:   8da81a3ddfe3de9eacf32c590854af6667b71520
Sha256: adc0acb21dc8a527e799506c5d14b5c76e25f64fa166618ee03acfcc603ab890
                                        
                                            GET /_nw/0/45093900.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 18061
Last-Modified: Thu, 18 Feb 2010 14:28:49 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b7d4ea1-468d"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 320x305, components 3\012- data
Size:   18061
Md5:    24d8e4bb5a895ee2b8c1b3172df026da
Sha1:   ede013d0039ff70f6da125f83bf46b7be343bad9
Sha256: 91eaac21babaf3f03cf9154fc903f0e42ba79ff0e2c050695867a82687ea9c11
                                        
                                            GET /zakladka.gif HTTP/1.1 
Host: ne-gnevi-boga.at.ua
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         195.216.243.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:36 GMT
Content-Length: 52395
Last-Modified: Sun, 27 Feb 2011 15:04:29 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d6a67fd-ccab"
Expires: Thu, 15 Dec 2022 04:35:36 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 160 x 200\012- data
Size:   52395
Md5:    79661d7b30bdb0ea4688d0a40929fc7d
Sha1:   2f1809d3c01c34041ef56ceee85bf3c3a4cc9882
Sha256: 212533593660c9c10e463945be6302740149ba08f683f545677379e75e8993cf
                                        
                                            GET /_pu/0/53107055.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 20248
Last-Modified: Mon, 15 Feb 2010 13:00:01 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b794551-4f18"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x319, components 3\012- data
Size:   20248
Md5:    ffa1ff4465c63141b40f70c9fa4e468f
Sha1:   ca93797dd7a75261f846a2a1a4d84a887c59efe1
Sha256: 2818c109a9889e9e2e7617233b5382bb36b75368f1281ac841edf4e481954d7d
                                        
                                            GET /.s/t/391/13.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1317
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-525"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 85x39, components 3\012- data
Size:   1317
Md5:    95075a42a6a20677607b89d55c775c4a
Sha1:   0a161b4ea2b7b375511b743c8bb503b3d2885d7e
Sha256: 4ff10f0658c9a7c0f0f338ee82c997c723d4457f1f1c7bd63e0c88ad57cc62d9
                                        
                                            GET /.s/t/391/11.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 4052
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-fd4"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 243x39, components 3\012- data
Size:   4052
Md5:    03f6748c75ecc1a4f3a7e323ecaaf850
Sha1:   9faa14df051268d2ff3228fddfa3f07a5cda4bd6
Sha256: b46ecc25e10f6afb3f5ce8c9223d8dd03dc62aa0bd25291fbda578afd3099ae5
                                        
                                            GET /_bl/0/38628568.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 44175
Last-Modified: Mon, 25 Jan 2010 09:53:49 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5d6a2d-ac8f"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 300x472, components 3\012- data
Size:   44175
Md5:    55f2c01c2481dc3b707d5a33cdbdc5f8
Sha1:   db5de4ce78389a7d721b09c4840750da21f76b8e
Sha256: 2c2f935077097cb812050a8e27fdc44f474509120608818634b7d12a2fae49f8
                                        
                                            GET /_bl/0/08431243.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 17878
Last-Modified: Fri, 19 Feb 2010 08:47:07 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b7e500b-45d6"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x297, components 3\012- data
Size:   17878
Md5:    c2b73fff80d127e802b391aecec7053b
Sha1:   7bd519c337a47050156da5796f43988177c8a2da
Sha256: 1b31ad1c0d765a453c410b78bbd97bcb139796e04599ef92bb6e895e02631d0b
                                        
                                            GET /_bl/0/32061518.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 13784
Last-Modified: Mon, 25 Jan 2010 09:39:17 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5d66c5-35d8"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x201, components 3\012- data
Size:   13784
Md5:    c0ab58908a6eddafe706a44da1ab54bd
Sha1:   eecf7fcb4d0c211fe2709c3f09d0ecac497aa204
Sha256: 7420d0b3caf45ced1569a2cd04866c7a4ce9466d9d14b8fcb694f43ed402a40c
                                        
                                            GET /_bl/0/27963026.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 18184
Last-Modified: Mon, 25 Jan 2010 09:45:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5d684c-4708"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x306, components 3\012- data
Size:   18184
Md5:    fd228a64bca6a4d685b75492173faefd
Sha1:   0be0dacd60890d4cd0a3cf1e50ff4710b8ef65c0
Sha256: 13b2c93fb04937edf0edf50934ea7fcc07a7ebec45073d3e7526da5e1054bf51
                                        
                                            GET /news/_nw/0/08748270.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Size:   2656
Md5:    7d61f3d2524ddb2261ce5294fcffacd9
Sha1:   9215626f645f1310a7ade9e639b3694377b4e945
Sha256: de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
                                        
                                            GET /_bl/0/47517339.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 17378
Last-Modified: Sun, 24 Jan 2010 12:56:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5c4393-43e2"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x310, components 3\012- data
Size:   17378
Md5:    f249efbea7b5808ac875b49e0d04ea0a
Sha1:   ec5bb1de9e7893a89ac03bf7d93459dbc9958933
Sha256: 67666a5bd26f915591a649eaedf18f679b5636f0bf710251db0ee058a5d9200e
                                        
                                            GET /_pu/0/87058159.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 8230
Last-Modified: Sun, 14 Feb 2010 11:40:19 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b77e123-2026"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 164x198, components 3\012- data
Size:   8230
Md5:    4eb13370e8c94051cf4d64a3f0c206bc
Sha1:   464e2b1813623ec64a9ef12216d088ee214bbf4d
Sha256: 4eed4991cc639b39c3a4c00fd8112432a977915d940658782386344cbf4de473
                                        
                                            GET /_pu/0/65732298.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 48185
Last-Modified: Sat, 20 Feb 2010 11:39:43 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b7fc9ff-bc39"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 500x447, components 3\012- data
Size:   48185
Md5:    85f49ac2f2c62d2801e3761ce3b92945
Sha1:   bb4e1580439ad74ef4e0692a1d336fffd4d2137c
Sha256: e3a6d4d39b1444cb0fa1a961eaa46dab0b3882c5b56a2f9033b7d9e695c54b3d
                                        
                                            GET /.s/t/391/5.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 9724
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-25fc"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 243x91, components 3\012- data
Size:   9724
Md5:    fa60210507c4eb1c7fbb677065b4da72
Sha1:   baef120081df10990be333a0a0671718c8b7dd15
Sha256: c1cec72e00ccd7ab0e0077e89cb9c2b8d81accf637f693dd946c849b7cdfc17c
                                        
                                            GET /stat/1669350938 HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT


--- Additional Info ---
Magic:  GIF image data, version 87a, 88 x 31\012- data
Size:   393
Md5:    234a79a2647de89920ad9250248ac6c2
Sha1:   0632b2895ac0a383a60302ec467d2933613225f5
Sha256: fe3399a7ccb82937997f3241dcdd2921663278e5ad79e95a604b0cf4434bcab7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /_pu/0/96033566.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 11748
Last-Modified: Sun, 14 Feb 2010 10:38:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b77d2a2-2de4"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x269, components 3\012- data
Size:   11748
Md5:    2e9214a9af94110951dee0401393f83e
Sha1:   c6c62542cd09fac61d753b75e351bc1b13265eed
Sha256: a6814d60c126a397c512fbbd5ff9546f94886230f78f0c97b98f41eccd3c6989
                                        
                                            GET /.s/t/391/1.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 11746
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-2de2"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size:   11746
Md5:    f82a4b02e693b0d0d73eaf4f718c92f9
Sha1:   2da7d61df32645b4bb73796cd6b4c24124fd53b6
Sha256: 114b5ebf1a47bd8b53faf179ade25effb106a20fdaf4b400186e27d63b5e5f71
                                        
                                            GET /.s/t/391/3.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 12268
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-2fec"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 584x52, components 3\012- data
Size:   12268
Md5:    4043c965cedec413361e721422f01f45
Sha1:   2975327ef9807f5e08e8ab8d0e6ab976e23de6fb
Sha256: 0d3d6e6c45b18c0266a40a8fa898a76bc4aebcd4cc31d99574267117bcb00768
                                        
                                            GET /.s/t/391/6.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 10760
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-2a08"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 584x91, components 3\012- data
Size:   10760
Md5:    ae998a9a2684ba449f9bca8e3255b5fa
Sha1:   cb21ab8bd8cbb1e4cabdf76e441b39643db9a68b
Sha256: 73b44a36cc3b4c241e6e0438c78ba658581e002f7b04e3ebf52b07383ad43b4d
                                        
                                            GET /.s/t/391/14.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 5277
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-149d"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 217 x 41\012- data
Size:   5277
Md5:    ecd5d8e3aac31bd5fbcf2fc76552b568
Sha1:   4993f24e30d64611018ae9729876671ab849eb14
Sha256: 1f07a4b76ca648941d5d7095d2f2cb1b032519d691fbf7dd0634f0974adb97ec
                                        
                                            GET /.s/img/icon/social/u.svg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 612
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-264"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   612
Md5:    1e726893f02be39b70d24d502a3a9998
Sha1:   98c6fcf43a67426ed7e9c7a839e8115494ca8072
Sha256: d0608cf0c4aff79f20a198427f7df73300d643face9bea72b8d406b432b84df9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /.s/t/391/16.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 4324
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-10e4"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 204x135, components 3\012- data
Size:   4324
Md5:    b9af8a7da3c70e4c0bdd2fccd8dc3c8b
Sha1:   589233619946f502db5d3fe73323b700b0ecd3d4
Sha256: 96fd85de1dac3f01685863f76493c7a21dce80d452e8bbe7dfd045f282738934
                                        
                                            GET /.s/img/icon/social/vk.svg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 772
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-304"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   772
Md5:    7c4eb8cae0b565c023c4406add5f8041
Sha1:   079ce5d3277df672b57a73476a28d0bf0b1c1fe2
Sha256: 05a3f8587400860aa87bb18c9a9cd5b22a45ca4fc4a37a7922d29e48549b2fc9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /.s/img/icon/social/fb.svg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 611
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-263"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   611
Md5:    d178cc46dcbcf2b6f19445674fe3fe58
Sha1:   26f9747489d9e796926f7bbe11817c420afda3af
Sha256: a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /.s/img/icon/social/ya.svg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 660
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-294"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   660
Md5:    7676c3eee5bd955efe08fd05367a443b
Sha1:   595e4e8dbf5ff472606434d0f45806d088de4c0c
Sha256: b72d3f61ac56b4aa27bad5769589705004aff1f0ad341785ca72dc46ba16de5b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /200x40.png HTTP/1.1 
Host: www.seven-zone.3dn.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

search
                                         195.216.243.180
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://www.seven-zone.3dn.ru/200x40.png
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /.s/img/icon/social/gp.svg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 550
Last-Modified: Fri, 01 Feb 2019 12:57:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c544236-226"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (534), with no line terminators
Size:   550
Md5:    10d296226de121de55180e5b1b7d9d49
Sha1:   5980293f4f290734d09459d068a8c3996e43fe40
Sha256: a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /.s/t/391/19.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 3000
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-bb8"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 194 x 36\012- data
Size:   3000
Md5:    f11ff969570093d71ab245c2896e1e03
Sha1:   37cbd930cd4ce12782db74baf5274bad3af04b6e
Sha256: 904c098d5ee7b2ca39da7ab02892427c748a8c4b099099846ef10dae1b13a4b1
                                        
                                            GET /.s/img/icon/social/ok.svg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1858
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-742"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   1858
Md5:    08bbc2fa9b08463b0d061041d62b408e
Sha1:   370c53ccc3edd296cd35fb9e3de20dabfdae78d9
Sha256: e1369586f1d82834ecc0ccab2f5f1a6f7565f2c715243d956bd7eb1404c8fba9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /.s/t/391/22.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1733
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-6c5"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 35 x 84\012- data
Size:   1733
Md5:    70487ef2a47b0e8560de37d270f4f8b6
Sha1:   2de8dfadc85e88dc39811a8aaea7453f8f22e21b
Sha256: 25a3607aa4b997e6b110851955ad7573602431972771fb915a9cfd4e99a0bfef
                                        
                                            GET /.s/t/391/25.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1881
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-759"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 109 x 36\012- data
Size:   1881
Md5:    a2af2f3cdb346849a3b412b94ccb613f
Sha1:   72f3fb9b6dc0a504a33f5db129823e249e292279
Sha256: 92d277b1994f526d40c7efda62c9aad4cf018d1fc28373a66732d44ac19349d0
                                        
                                            GET /.s/t/391/31.gif HTTP/1.1 
Host: s39.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s39.ucoz.net/src/css/391.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 398
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-18e"
Expires: Mon, 05 Dec 2022 04:35:38 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 15 x 15\012- data
Size:   398
Md5:    f0ff5cd90f9c1369329d76b3d6fee20e
Sha1:   749314dc214b24284aa779a3c280ba3e68834037
Sha256: 7121d935644b856ce3c00c1646b61ed00c39ae468e4e9c5a3af0d9e16f0bcfb9
                                        
                                            GET /.s/t/391/32.gif HTTP/1.1 
Host: s39.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s39.ucoz.net/src/css/391.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 65
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-41"
Expires: Mon, 05 Dec 2022 04:35:38 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 10 x 13\012- data
Size:   65
Md5:    48424855072e84dd95ebb222fe3aec9e
Sha1:   f7732c14ebc3aa5deb7a6bcb0e8ddaa7a21d7471
Sha256: 3b6ac93f722df18f7b14319258328a097c3f44252ce3286abcbedb9c5bb6c4f9
                                        
                                            GET /.s/img/stars/3/12.png HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1161
Last-Modified: Mon, 21 Nov 2022 12:38:37 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b714d-489"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 12 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   1161
Md5:    350693463200bbe9388eec7d1a208289
Sha1:   9a310a7dd3c068636b224d253e0df9ce09784df2
Sha256: aa22bfd07d6d73ee1e2fc304bf81625c716e83f81e1dfc044560b54595bdec28
                                        
                                            GET /.s/img/sh/wait.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/base.min.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 265
Last-Modified: Mon, 21 Nov 2022 12:38:33 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7149-109"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 32 x 8\012- data
Size:   265
Md5:    c44da6bb38458d2c57e23104c53d8e05
Sha1:   5e9352aa3d0b522fff659c48299d1b3006c78f47
Sha256: 163da6b91f78ccad8c824ef31e5dbd2a89fb8d93f2381d43faa96acf502ca3e8
                                        
                                            GET /.s/t/391/23.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 2262
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-8d6"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 35 x 121\012- data
Size:   2262
Md5:    22bd2ad9b32cc958086cdc7c55459836
Sha1:   d5cadbfa878635cbf9df3e21a43beded2cd7cdee
Sha256: b34e4337ee005a7fd112629ba4278ee82aaccc43825f16a1da58664566ebbab6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3019B8D14E9C7CCAC27D13B596EB86104F6F6E78445879CC8ACEB8E0CC22F1AD"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7076
Expires: Fri, 25 Nov 2022 06:33:32 GMT
Date: Fri, 25 Nov 2022 04:35:36 GMT
Connection: keep-alive

                                        
                                            GET /.s/t/391/15.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 4355
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-1103"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 217 x 28\012- data
Size:   4355
Md5:    50a7df02972d0361f129981184ba0b7d
Sha1:   e5313a2938bb7483ab9af64e2c190fd92d04458c
Sha256: 6ed7d3115c990a58ee4712a3f97088d80466f84bd7cd9a4da6698518fb83fbfd
                                        
                                            GET /.s/t/391/33.gif HTTP/1.1 
Host: s39.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s39.ucoz.net/src/css/391.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 48
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-30"
Expires: Mon, 05 Dec 2022 04:35:38 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 5 x 5\012- data
Size:   48
Md5:    9750eb0573078058e4687dcba2794e89
Sha1:   e12a68b54a9eb1373083c1c35e020ec1b1561c16
Sha256: b429a2de9dc7b091cb845285fab32e6004b12b5fbdcd66e43e9d34cba5b9e0a3
                                        
                                            GET /.s/t/391/17.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 4347
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-10fb"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 217 x 28\012- data
Size:   4347
Md5:    04953855b4c2e80dd26ccc83cba263c5
Sha1:   3195fd297c6d30e50c0d6cd08e926e43eee5c644
Sha256: 01855d6c4994e270975628b0e08696aa45956ce1cd421357e66bd59c58ed0844
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3019B8D14E9C7CCAC27D13B596EB86104F6F6E78445879CC8ACEB8E0CC22F1AD"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7076
Expires: Fri, 25 Nov 2022 06:33:32 GMT
Date: Fri, 25 Nov 2022 04:35:36 GMT
Connection: keep-alive

                                        
                                            GET /.s/t/391/18.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1135
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-46f"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 35 x 36\012- data
Size:   1135
Md5:    eb99082b0574634faab224860e50f12e
Sha1:   b45a5ad52fdc936f09be4044916eca9319cc4421
Sha256: 9a68e9c1ed6af4f9255a29d7849bbb712c603e7b4e4b3955c2632c15ad1c0579
                                        
                                            GET /.s/t/391/20.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 4731
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-127b"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 277 x 36\012- data
Size:   4731
Md5:    1a3abe4f6ca8db93b93110a5b4f7a5f9
Sha1:   f58603e4a1cf8511527c2de7fcc87309d669b100
Sha256: bc76500c2f81cda5509175393b61593f6ef998b4422cf0371f853da175eef9d4
                                        
                                            GET /.s/img/icon/thumbu2_.png HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 200
Last-Modified: Mon, 21 Nov 2022 12:38:24 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7140-c8"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 12 x 10, 8-bit/color RGBA, non-interlaced\012- data
Size:   200
Md5:    6ddcef35af64306e1a5c565e9ad6d345
Sha1:   7af92db5caa84bc8885fa4eb944e2e435bc280d0
Sha256: 631351c46214f59ec4af48f9fcccecfbe1209b76265900431ba1c7a74acb92ec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4698
Cache-Control: max-age=107371
Date: Fri, 25 Nov 2022 04:35:36 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:25:07 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /.s/img/icon/thumbd2_.png HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 212
Last-Modified: Mon, 21 Nov 2022 12:38:24 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7140-d4"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 12 x 10, 8-bit/color RGBA, non-interlaced\012- data
Size:   212
Md5:    250cd363aa4f1f290624d43d4f71d762
Sha1:   3fc6e82c8eb89610a6aaaa90b5f91449df94bb74
Sha256: 92b935b6112c66bdeb8051cc585d945fe8e3fd9e470300720d12821a4617fc86
                                        
                                            GET /.s/t/391/26.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 5361
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-14f1"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 299 x 36\012- data
Size:   5361
Md5:    a49be591ac6caefba84c1b5f1c7e49e2
Sha1:   7b4d58c138523c81de9f2dff6e3500e626963b18
Sha256: ea3b57f7d4db0985df22637de9b34c7c2745b00609eaf83dda3ee0da34fbb566
                                        
                                            GET /?JmkA3hH7lM5fpuwMagu5hRkYQpIi9wCa%5EiQuzdBhqO5B0SCBEkNbRDhT0gjezwBhIfMZh6kSAfmsJ7EA0UwZ%5Ewoo HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   800
Md5:    2e171d137fe10e8019774ec3983057b2
Sha1:   f7d706f1498308d9d5e6b4ee952e45045bd1c81c
Sha256: ebcdfadeba8fe9b659d095327de5958e4512fcea839be792599504643948ed53

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /.s/t/391/27.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1141
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-475"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 35 x 36\012- data
Size:   1141
Md5:    5d9bfcc18f29bae9e566ff529b4271d2
Sha1:   606caadd96ab0b1452d2bbb9445aebcc5b0e3686
Sha256: c2a3a61df5444a996a2ed6dc17b989b80b8a61f3309a53e8317fc1e2a6a637ee
                                        
                                            GET /.s/t/391/24.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1136
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-470"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 35 x 36\012- data
Size:   1136
Md5:    5605b9e93b375c1cab4221b5f089090f
Sha1:   6658c89e0955bb8f358f24f224f3854bda4c80f6
Sha256: 60ba66dbaa82fd6a2fd8f3ea2e838836673fb7ddaed9a2e73351822342767121
                                        
                                            GET /adv/dummy/000/css/style.css HTTP/1.1 
Host: s39.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5c9a36fd-19eb"
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1564
Md5:    50406c447ccad47ca9e5d53eff612ffb
Sha1:   16e3921585135a87a1066689c9c67a312d96c92d
Sha256: 01a0732bba96fb38be885a1d233fecf52e32c7e07e48cd05f6f07a3690ea304c
                                        
                                            GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1 
Host: s39.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fd-11e9"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Size:   4585
Md5:    14d37a3409afc2c450c62b97bc8019da
Sha1:   43fc12bf16a292d6d10b17ab7d1e37785288858c
Sha256: fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2
                                        
                                            GET /.s/t/391/28.gif HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 9903
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-26af"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 106\012- data
Size:   9903
Md5:    cee34dc8f64c0692eafbd12a9fa74d20
Sha1:   71b64639df9a89124662fa971c1d0b4f6143a16a
Sha256: ae3b93e61d0223ece863fe18510355b3676ab928461ef01d7e90be66d09ec41d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C92A2A8386FDDA2606795B9A1611E28C1514DEECD4C9AEA85BE6AF562BFCF221"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12836
Expires: Fri, 25 Nov 2022 08:09:33 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED30399343CF6FFC75D083CB07E3FD761F7498F1AFF1A242FF3B938BD85C145A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Fri, 25 Nov 2022 07:55:53 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED30399343CF6FFC75D083CB07E3FD761F7498F1AFF1A242FF3B938BD85C145A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Fri, 25 Nov 2022 07:55:53 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive

                                        
                                            GET /match/1/?cb_url=https%3A%2F%2Fhdbcode.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent= HTTP/1.1 
Host: s.uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.220.27.135
HTTP/2 302 Found
                                        
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-length: 0
location: https://hdbcode.com/setuid?IMI6tnJzixXIWP3jjeTh
set-cookie: jcsuuid=IMI6tnJzixXIWP3jjeTh; expires=Sat, 25 Nov 2023 04:35:37 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Kshi195rPMDTKGuq/0ozCg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.69.31
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u52a50Ofh8vzRNpLtHQc9BX/QUs=

                                        
                                            GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1 
Host: themes.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bookbest.moy.su
Connection: keep-alive
Referer: https://s39.ucoz.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: font/woff
                                        
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 60332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 15:09:24 GMT
expires: Wed, 22 Nov 2023 15:09:24 GMT
cache-control: public, max-age=31536000
age: 221173
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 60332, version 1.1\012- data
Size:   60332
Md5:    0d6d6ae28614efe13ec053eaeef473c1
Sha1:   20cd1c419ba0763bb4bbb1435bc0aed00452af2e
Sha256: 5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1
                                        
                                            GET /?src=ujs6 HTTP/1.1 
Host: rot.spotsniper.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.172.81.160
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    7215ee9c7d9dc229d2921a40e899ec5f
Sha1:   b858cb282617fb0956d960215c8e84d1ccf909c6
Sha256: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
                                        
                                            GET /?src=ujs6&s_subid=btn HTTP/1.1 
Host: rot.spotsniper.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.172.81.160
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    7215ee9c7d9dc229d2921a40e899ec5f
Sha1:   b858cb282617fb0956d960215c8e84d1ccf909c6
Sha256: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
                                        
                                            GET /setuid?IMI6tnJzixXIWP3jjeTh HTTP/1.1 
Host: hdbcode.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bookbest.moy.su/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.98.54.153
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-length: 74
set-cookie: dmpUid=IMI6tnJzixXIWP3jjeTh; expires=Sat, 25 Nov 2023 04:35:37 GMT; domain=hdbcode.com; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   74
Md5:    9e24e19b024c44b778301d880bd8e6f4
Sha1:   d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
Sha256: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322613&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567 HTTP/1.1 
Host: hdbcode.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bookbest.moy.su
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

search
                                         185.98.54.153
HTTP/2 200 OK
                                        
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://bookbest.moy.su
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322502&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567 HTTP/1.1 
Host: hdbcode.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bookbest.moy.su
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

search
                                         185.98.54.153
HTTP/2 200 OK
                                        
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://bookbest.moy.su
X-Firefox-Spdy: h2

                                        
                                            GET /adv/dummy/000/img/bg.gif HTTP/1.1 
Host: s39.ucoz.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s39.ucoz.net/adv/dummy/000/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fd-4f4"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 485 x 3\012- data
Size:   1268
Md5:    b19967d808ed7c42b41316d6c8474f55
Sha1:   18d80748bd4041b13a3373a429281ec65347a0e2
Sha256: 16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50
                                        
                                            GET /_bl/0/26046471.jpg HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Length: 19961
Last-Modified: Sun, 24 Jan 2010 12:49:01 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5c41bd-4df9"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 250x250, components 3\012- data
Size:   19961
Md5:    7413fe00cb76a94e0b852aa654dd0ace
Sha1:   7add729c4118805308aef03e72d4915bfd51c09f
Sha256: 8d66fc26d594d911b114346304b2db3bc996736285348165601c5cb07a0f877e
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:20:33 GMT
ETag: "69165ad38149a340aaba84e198cf792dddbbbb93"
Last-Modified: Fri, 25 Nov 2022 02:20:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3335
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7adbd785db4fa-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    a77fc3778b437a40010bfe083464e46b
Sha1:   69165ad38149a340aaba84e198cf792dddbbbb93
Sha256: 1c5aa97c33e91634bbfb0b3607560efef5d45069ab09f4a89f0e8b5de64abc61
                                        
                                            GET /hit;ucoz_topline_worldwide?rhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;s1280*1024*24;uhttps%3A//bookbest.moy.su/%3FJmkA3hH7lM5fpuwMagu5hRkYQpIi9wCa%255EiQuzdBhqO5B0SCBEkNbRDhT0gjezwBhIfMZh6kSAfmsJ7EA0UwZ%255Ewoo;1669350936637 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         88.212.201.204
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Length: 43
Connection: keep-alive
Expires: Wed, 24 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    fc94fb0c3ed8a8f909dbc7630a0987ff
Sha1:   56d45f8a17f5078a20af9962c992ca4678450765
Sha256: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
                                        
                                            GET /match?id=158&vid=IMI6tnJzixXIWP3jjeTh HTTP/1.1 
Host: dm-eu.hybrid.ai
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         37.18.103.21
HTTP/2 204 No Content
                                        
date: Fri, 25 Nov 2022 04:35:37 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=a47800a53901b929164a; expires=Sat, 25 Nov 2023 04:35:35 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 528
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "905E3845C43132A77DC31FADF25F941E55F585C52A3AA57ED47F2200AD8B4AF7"
Last-Modified: Thu, 24 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2923
Expires: Fri, 25 Nov 2022 05:24:20 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive

                                        
                                            GET /smc?s=22&u=IMI6tnJzixXIWP3jjeTh HTTP/1.1 
Host: z.cdn.adtarget.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         212.32.253.229
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 25 Nov 2022 04:29:25 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322613&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567 HTTP/1.1 
Host: hdbcode.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://bookbest.moy.su
Connection: keep-alive
Cookie: dmpUid=IMI6tnJzixXIWP3jjeTh
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.98.54.153
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://bookbest.moy.su
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5992
Md5:    fd0f7f228032bb357e65c8e8c1aa2d1b
Sha1:   ce87fd8f043d820cfea40fec7d98ebb44f8ba224
Sha256: b3e77d78385aa276b424132aab9cb34b85e201c54046f336b96bf423304a2153
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bookbest.moy.su
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1; kdSspUid=e26dc016-642e-4f94-9041-604eaaec4567
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         195.216.243.180
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 25 Nov 2022 04:35:39 GMT
Content-Length: 2238
Last-Modified: Sun, 17 Jan 2010 17:37:53 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b534af1-8be"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 8 colors\012- data
Size:   2238
Md5:    151633b600985be6e43e42f2085d6a3a
Sha1:   93147a1df6e5575678b30d117597f794f40c3280
Sha256: 9fd26d821561b2c8053bdfbb90394d5a16bd2c4036f30e7b1831f67f75ba90a4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hit;clickgate08?r;s1280*1024*24;uhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;1669350935981 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         88.212.201.204
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Length: 43
Connection: keep-alive
Expires: Wed, 24 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    fc94fb0c3ed8a8f909dbc7630a0987ff
Sha1:   56d45f8a17f5078a20af9962c992ca4678450765
Sha256: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
                                        
                                            GET /matchx?gdpr=0&gdpr_consent= HTTP/1.1 
Host: uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Cookie: jcsuuid=IMI6tnJzixXIWP3jjeTh
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         31.220.27.135
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1809)
Size:   1115
Md5:    29ebcadbee56ab5951c64fa18c3b711e
Sha1:   622e5fb682dcbd8d87b875ec29770a85a8cefcb0
Sha256: dff3b6ec1ce9626bc2d1e942770ccc7b2ded856135aeb10ea1c2582b87fd3014
                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bookbest.moy.su
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 167119
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 17:40:52 GMT
expires: Fri, 24 Nov 2023 17:40:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 39285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1329)
Size:   167119
Md5:    e269c265007dcb5ecc3f2aa6155bc52a
Sha1:   cb8eed3b2684c2767bf45d652f6d630740051d04
Sha256: 85d7f1b40b063a3a07449151918eb63b85f2c6ff5d54936618a1a737ab5c7dbf
                                        
                                            GET /get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322502&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567 HTTP/1.1 
Host: hdbcode.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://bookbest.moy.su
Connection: keep-alive
Cookie: dmpUid=IMI6tnJzixXIWP3jjeTh
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.98.54.153
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://bookbest.moy.su
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9645
Md5:    5edfd4a434e557e15149711cea34e6b4
Sha1:   d8df7a26cf7a12a14d1bf5388ff6a6bcfae3bd2e
Sha256: 767292a52c010ccd5d7053e3e1ec688bc11bf22c1c606de47b0e10da5c349a5b
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Length: 937
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:47:36 GMT
ETag: "8f00308b1861205feb5790fc15b36af225498011"
Last-Modified: Fri, 25 Nov 2022 02:47:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2444
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7adbf3a31b4ff-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /match/760/c962523a5b324e01a5e860624fa3db73 HTTP/1.1 
Host: s.uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=IMI6tnJzixXIWP3jjeTh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         31.220.27.135
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-length: 74
set-cookie: jcsuuid=IMI6tnJzixXIWP3jjeTh; expires=Sat, 25 Nov 2023 04:35:37 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   74
Md5:    9e24e19b024c44b778301d880bd8e6f4
Sha1:   d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
Sha256: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED76F66953F380A612C4495145DB5E8D9B536E4D96E7F5CF6D7718E158773B16"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4143
Expires: Fri, 25 Nov 2022 05:44:40 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED76F66953F380A612C4495145DB5E8D9B536E4D96E7F5CF6D7718E158773B16"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4143
Expires: Fri, 25 Nov 2022 05:44:40 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED76F66953F380A612C4495145DB5E8D9B536E4D96E7F5CF6D7718E158773B16"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4143
Expires: Fri, 25 Nov 2022 05:44:40 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 73267
date: Fri, 25 Nov 2022 04:35:37 GMT
access-control-allow-origin: *
etag: "637f41b2-11e33"
expires: Fri, 25 Nov 2022 05:35:37 GMT
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Size:   73267
Md5:    1d79426653c3b55939eaec59a2ce8ef5
Sha1:   c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
Sha256: 2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
                                        
                                            GET /auto/500x175/image/tesr/5598/598/rect_6367e10210e40t1667752194r6985.jpg HTTP/1.1 
Host: i.cdnkimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.133.44.36
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 04:35:37 GMT
content-length: 57706
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Fri, 09 Dec 2022 04:35:37 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 500x175, components 3\012- data
Size:   57706
Md5:    54babbaa9b539b72d615a62364253770
Sha1:   f68b002ca066ed6c0a364cc66975de17d3579eed
Sha256: 2459e3da24aae984b079c4c3b6732c72546a6781d1fee7c7d8b2815a367d70c4