bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
195.216.243.180301 Moved Permanently 178 B URL HTTP/1.1 bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
IP 195.216.243.180:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Malware
GET /news/ljubovniki_po_nasledstvu/2010-02-16-67 HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14771
Expires: Fri, 25 Nov 2022 08:41:46 GMT
Date: Fri, 25 Nov 2022 04:35:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5462
Cache-Control: max-age=113198
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:35 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:02:13 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 04:17:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1091
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8138
Expires: Fri, 25 Nov 2022 06:51:13 GMT
Date: Fri, 25 Nov 2022 04:35:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GbQSV0jg1DdcuFgOfmC50V/x5GvCIRtoTy6NR0TmpldViYl8JX0clyggLEukiX/Qm892lo3v1rE=
x-amz-request-id: FG4W2XGC2BP8WVF1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 03:40:39 GMT
age: 3296
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:35:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
195.216.243.180200 OK 14 kB URL HTTP/1.1 bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
IP 195.216.243.180:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3440)
Hash 55a4d46c35fe277b9241cb5be91f239f
5e807a3a3461c150f35637605bd1b93c6ee581e0
18c026b471235f49cf1c3bb50aee442571e9c4865ad8c7325f8689a40ecd3085
Analyzer Verdict Alert fortinet Malware
GET /news/ljubovniki_po_nasledstvu/2010-02-16-67 HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 7bookbestuCoz=; path=/; expires=Wed, 25-Nov-2020 04:35:38 GMT; Secure; HttpOnly; domain=.bookbest.moy.su
7bookbestnw=QwAaRoBj; path=/; expires=Sat, 25-Nov-2023 04:35:38 GMT; Secure; domain=.bookbest.moy.su
7bookbestuzll=1669350938; path=/; expires=Sat, 25-Nov-2023 04:35:38 GMT; Secure; domain=.bookbest.moy.su
ucvid=w1I2q0Mzel; domain=moy.su; path=/; expires=Sat, 25-Nov-2023 04:35:38 GMT
7bookbestpushi=1; path=/; expires=Sat, 26-Nov-2022 03:35:38 GMT; Secure
Pragma: no-cache
Vary: host
Last-Modified: Fri, 25 Nov 2022 04:35:32 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
bookbest.moy.su/?uZJ20u1XHhyBllBBae%21LJppTDKDfXOMJ%5ESld23dQzGFThEfJmb%5E6SDAOxGjn7PfhljJ4N6M3XUDFm4BMucRxihnyflYe%21SnL5gbN3rkrSsz2i2MnRCTvy5CMZvvnrTb5Ph5L5f3jx7PZQNrOrQhM48if9FkCIW5R%3BLQQx%21xOl3LzP1GUj0uWLL6Ue1qsUHFDWcsRhrpmpmhy27suvI3aWz0o
195.216.243.180200 OK 1.2 kB URL HTTP/1.1 bookbest.moy.su/?uZJ20u1XHhyBllBBae%21LJppTDKDfXOMJ%5ESld23dQzGFThEfJmb%5E6SDAOxGjn7PfhljJ4N6M3XUDFm4BMucRxihnyflYe%21SnL5gbN3rkrSsz2i2MnRCTvy5CMZvvnrTb5Ph5L5f3jx7PZQNrOrQhM48if9FkCIW5R%3BLQQx%21xOl3LzP1GUj0uWLL6Ue1qsUHFDWcsRhrpmpmhy27suvI3aWz0o
IP 195.216.243.180:0
Hash ea7ce4b69bb9878f63f87cbdf67820f9
a2bb7867bee3d1dd300e40d9fa4aff8dfe1d9eb7
52812e3b5366d44110a59eb4d7f1b8c8e09ee2ee7bf806b89b29b4eb21df0821
Analyzer Verdict Alert fortinet Malware
GET /?uZJ20u1XHhyBllBBae%21LJppTDKDfXOMJ%5ESld23dQzGFThEfJmb%5E6SDAOxGjn7PfhljJ4N6M3XUDFm4BMucRxihnyflYe%21SnL5gbN3rkrSsz2i2MnRCTvy5CMZvvnrTb5Ph5L5f3jx7PZQNrOrQhM48if9FkCIW5R%3BLQQx%21xOl3LzP1GUj0uWLL6Ue1qsUHFDWcsRhrpmpmhy27suvI3aWz0o HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
bookbest.moy.su/.s/src/ulightbox/ulightbox.min.css
195.216.243.180200 OK 1.4 kB URL HTTP/1.1 bookbest.moy.su/.s/src/ulightbox/ulightbox.min.css
IP 195.216.243.180:0
File type ASCII text, with very long lines (4552), with no line terminators
Hash 9c03edbcbefe3eea8902981444de96f7
ca39997a1765ab084fb7e6740858176b9385c4ca
8487aa6ee4bd261bdf1f5b681cf96d347cd980ed45183c5a2a9571db6c891a08
GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bookbest.moy.su/.s/src/social.css
195.216.243.180200 OK 610 B URL HTTP/1.1 bookbest.moy.su/.s/src/social.css
IP 195.216.243.180:0
File type ASCII text, with very long lines (442)
Hash af855dcd18719bcf0da15a9029755af1
d74d0ed8d96f2ebe46a7671564bf80eea6865103
9add1a323772a7c09260b63a21732472cb0204105c1d2bee763ea1429f0e26e9
GET /.s/src/social.css HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/css
Last-Modified: Wed, 01 Dec 2021 11:13:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"61a758f3-9b8"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
142.250.74.164200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP 142.250.74.164:0
File type ASCII text, with very long lines (905), with no line terminators
Hash fe0e23ea2d335147e24f50690aa39c7c
ef74d6655ba8efb294f7ed55e6be16d315381edd
fcccb37edb611bf2580bf74646d25e4fb3660d305c66de3c8571bedfc2dac228
GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 25 Nov 2022 04:35:36 GMT
date: Fri, 25 Nov 2022 04:35:36 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bookbest.moy.su/.s/src/base.min.css
195.216.243.180200 OK 6.1 kB URL HTTP/1.1 bookbest.moy.su/.s/src/base.min.css
IP 195.216.243.180:0
File type ASCII text, with very long lines (24443), with no line terminators
Hash 629527310ba26cfc236c016e14662321
7a87daed5934db9729f12653e67c8de9d4365d58
134e836199a74c0b501c4e1a46dd3625f4696dc608d1052136ee455c2c2d2509
GET /.s/src/base.min.css HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Oct 2022 13:44:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"63457350-5f7b"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
bookbest.moy.su/?y2j573q99VIB0Y%5EjavXeuWO5CvJy03lSeIXTM%3B8nb%5EjygjSCXJYn87bIFDFMFh9XRkNyPmjsVdbpkbgmzb1EwD1aez2C5QaTLTWi48fIZk8LaCGWBy5ZW3P%5ET6B3f2a9pHwQugzn3%3B1XH8vbzWfJvL3vcfQOvdWQ8052OHMWCrda1RJGZBZjjsV0XnzKisWXGUUrf58%21cM5%21mpECPn8%21uB9UUwoo
195.216.243.180200 OK 811 B URL HTTP/1.1 bookbest.moy.su/?y2j573q99VIB0Y%5EjavXeuWO5CvJy03lSeIXTM%3B8nb%5EjygjSCXJYn87bIFDFMFh9XRkNyPmjsVdbpkbgmzb1EwD1aez2C5QaTLTWi48fIZk8LaCGWBy5ZW3P%5ET6B3f2a9pHwQugzn3%3B1XH8vbzWfJvL3vcfQOvdWQ8052OHMWCrda1RJGZBZjjsV0XnzKisWXGUUrf58%21cM5%21mpECPn8%21uB9UUwoo
IP 195.216.243.180:0
Hash 4a33e7cd7558f3f5a86d0fc27aee8c90
50fc0ad44d3917690997ca278091e53d0d575362
d6304d22c2821d367e3697cb9fa4e6dbeb093b8634fccd35312664d30d72b330
Analyzer Verdict Alert fortinet Malware
GET /?y2j573q99VIB0Y%5EjavXeuWO5CvJy03lSeIXTM%3B8nb%5EjygjSCXJYn87bIFDFMFh9XRkNyPmjsVdbpkbgmzb1EwD1aez2C5QaTLTWi48fIZk8LaCGWBy5ZW3P%5ET6B3f2a9pHwQugzn3%3B1XH8vbzWfJvL3vcfQOvdWQ8052OHMWCrda1RJGZBZjjsV0XnzKisWXGUUrf58%21cM5%21mpECPn8%21uB9UUwoo HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
bookbest.moy.su/.s/src/layer7.min.css
195.216.243.180200 OK 7.1 kB URL HTTP/1.1 bookbest.moy.su/.s/src/layer7.min.css
IP 195.216.243.180:0
File type ASCII text, with very long lines (25596), with no line terminators
Hash 3c1935984757d00f76ff96d9829e2f6d
7dd11a9eb28ccb100f044ed513c077820689ccd5
a1c0d21bfbcfb164e9029fa989f63926eba780cc6e780322ebdf88040c45ec1a
GET /.s/src/layer7.min.css HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Mar 2022 08:18:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"623c2953-63fc"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
bookbest.moy.su/.s/src/ulightbox/ulightbox.min.js
195.216.243.180200 OK 7.6 kB URL HTTP/1.1 bookbest.moy.su/.s/src/ulightbox/ulightbox.min.js
IP 195.216.243.180:0
File type ASCII text, with very long lines (22291), with no line terminators
Hash 3bb3aaa5262067cec461b32298975b05
4e11bfe49cd05fcdbd1e692fc87788da07e62161
61fa91bb508bfda7ee487ffaf0e38aa71cfab1ce78bb108d6c6140dc9b35ab22
Analyzer Verdict Alert fortinet Malware
GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/javascript
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-5713"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
bookbest.moy.su/widget/?44;187|300|1
195.216.243.180200 OK 462 B URL HTTP/1.1 bookbest.moy.su/widget/?44;187|300|1
IP 195.216.243.180:0
File type ASCII text, with very long lines (347)
Hash ba3c41a6b7538c0ecfdffa1cc0f3da81
565386dd26f9a3145e600569a97898b740da0f08
adfc7183deffa6e4c51916693cf44b233c0c2183b1ed33ed6774cbadfa4c8ee5
GET /widget/?44;187|300|1 HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: private
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bookbest.moy.su/.s/src/jquery-3.6.0.min.js
195.216.243.180200 OK 31 kB URL HTTP/1.1 bookbest.moy.su/.s/src/jquery-3.6.0.min.js
IP 195.216.243.180:0
File type ASCII text, with very long lines (65447)
Hash 08df9f54c9e2e91db3aadc1baff368a5
a8e6c9343489d3c36cf262a10f59d22540248c49
417453d1fcaba01d9543b7649fc12ee865e118714d5f86a8316216e9bb4fdd20
Analyzer Verdict Alert fortinet Malware
GET /.s/src/jquery-3.6.0.min.js HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/javascript
Last-Modified: Thu, 01 Sep 2022 17:44:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef65-15d9d"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
s39.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.235460457033099
195.216.243.180200 OK 0 B URL HTTP/1.1 s39.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.235460457033099
IP 195.216.243.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.235460457033099 HTTP/1.1
Host: s39.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
s39.ucoz.net/src/css/391.css
195.216.243.180200 OK 3.3 kB URL HTTP/1.1 s39.ucoz.net/src/css/391.css
IP 195.216.243.180:0
File type assembler source, ASCII text
Hash 52b25cf92bece12fe84f38fb75490182
2753bd3926ecb6206bf572ce9adac4ddce0c6062
0197642ffb4de6ebc22c87aaf09ffb7929e568c52e9f1ae813b9cabee65180f9
GET /src/css/391.css HTTP/1.1
Host: s39.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: text/css
Last-Modified: Thu, 01 Sep 2022 17:44:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef67-3d03"
Expires: Mon, 05 Dec 2022 04:35:38 GMT
Cache-Control: max-age=864000
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 1465
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
news.2xclick.ru/loader.js
93.95.100.117200 OK 29 kB URL HTTP/1.1 news.2xclick.ru/loader.js
IP 93.95.100.117:0
ASN #48347 JSC Mediasoft ekspert
File type Unicode text, UTF-8 text, with very long lines (649)
Hash d412dfde8b3c9b4594486933fe691fd5
9e933308f7ff26c90b3328ce1cca980febbfcc96
7b7b3e5e5db4c0be1af13951310ef2695d18b29c7eaa10ab07929db429d97c08
GET /loader.js HTTP/1.1
Host: news.2xclick.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Fri, 25 Nov 2022 04:35:36 GMT
Content-Type: application/javascript
Content-Length: 28651
Last-Modified: Thu, 24 Nov 2022 08:43:27 GMT
Connection: keep-alive
ETag: "637f2eaf-6feb"
Content-Encoding: gzip
Expires: Sat, 26 Nov 2022 04:35:36 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Set-Cookie: uid=XV9kdWOARhhuswZ0wICsAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; secure; SameSite=none
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
bookbest.moy.su/.s/src/uwnd.min.js
195.216.243.180200 OK 57 kB URL HTTP/1.1 bookbest.moy.su/.s/src/uwnd.min.js
IP 195.216.243.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20adfead3a54ad11599adb1bab3d6fc6
23bb516448d5c643cb186ad9aec426388aa79dfd
b49b11429b509cf608a66bbcebc13cf63fa444b998c1a678d1bebfe33f7c2ff4
Analyzer Verdict Alert fortinet Malware
GET /.s/src/uwnd.min.js HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Thu, 15 Dec 2022 04:35:37 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
bookbest.moy.su/.s/t/391/12.jpg
195.216.243.180200 OK 5.2 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/12.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 584x39, components 3\012- data
Hash d15c784f083de55303da69f38b22725f
6b36fc9c63b1abd64659a7263b6740ccf3178a75
4d86d7e330caca254a573b8d495565b0bcc08c291bb6b3144def01be5c8e3c0c
GET /.s/t/391/12.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 5234
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-1472"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/2.jpg
195.216.243.180200 OK 6.0 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/2.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 243x52, components 3\012- data
Hash 905c63d8db738e737aaac1cdede28f44
0d1db52b402d960d3d138477c0631b33b43e5a5c
995ad5aac3a8c9693c0ff6ddf23fa70c45c404c7044a17455984673f4f4d7572
GET /.s/t/391/2.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 5997
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-176d"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/10.jpg
195.216.243.180200 OK 2.4 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/10.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 85x47, components 3\012- data
Hash 5c6e00d11f4d99ab4a8ffc646e408f5d
f40655ed4f1772bdbd39419b466e617e4dcc4961
d2b5c06538e5c7fef2c35253b304a2ef625c721b53c5373afea363c53851ef2c
GET /.s/t/391/10.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 2390
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-956"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_nw/0/25334825.jpeg
195.216.243.180200 OK 6.6 kB URL HTTP/1.1 bookbest.moy.su/_nw/0/25334825.jpeg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 180x206, components 3\012- data
Hash 4c05f00bebe423364aabbc7071394622
639ad4b5c30f4437c73f0d63cd220d6246e6185b
6fdc7f71b6a04f113d48fc2136d0e981214e6a0199efa9a9c997518508fb22ba
Analyzer Verdict Alert fortinet Malware
GET /_nw/0/25334825.jpeg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 6631
Last-Modified: Sun, 24 Jan 2010 10:59:32 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5c2814-19e7"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
www.dom-cs.ucoz.net/IIPoqpuJIb/noavatar.png
193.109.247.16404 Not Found 2.7 kB URL HTTP/1.1 www.dom-cs.ucoz.net/IIPoqpuJIb/noavatar.png
IP 193.109.247.16:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
GET /IIPoqpuJIb/noavatar.png HTTP/1.1
Host: www.dom-cs.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.8.0
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
www.dom-cs.ucoz.net/IIPoqpuJIb/User.png
193.109.247.16404 Not Found 2.7 kB URL HTTP/1.1 www.dom-cs.ucoz.net/IIPoqpuJIb/User.png
IP 193.109.247.16:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
GET /IIPoqpuJIb/User.png HTTP/1.1
Host: www.dom-cs.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.8.0
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
www.dom-cs.ucoz.net/IIPoqpuJIb/Sys.png
193.109.247.16404 Not Found 2.7 kB URL HTTP/1.1 www.dom-cs.ucoz.net/IIPoqpuJIb/Sys.png
IP 193.109.247.16:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
GET /IIPoqpuJIb/Sys.png HTTP/1.1
Host: www.dom-cs.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.8.0
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
www.dom-cs.ucoz.net/IIPoqpuJIb/Shutdown.png
193.109.247.16404 Not Found 2.7 kB URL HTTP/1.1 www.dom-cs.ucoz.net/IIPoqpuJIb/Shutdown.png
IP 193.109.247.16:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
GET /IIPoqpuJIb/Shutdown.png HTTP/1.1
Host: www.dom-cs.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.8.0
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
bookbest.moy.su/.s/t/391/4.jpg
195.216.243.180200 OK 2.7 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/4.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 85x52, components 3\012- data
Hash 67f02e17f659da8d123bbfbf8da9ffa5
409105f11bd7bf14d3302c75623ac48f94ea7238
47e60cb92fd6f60ee3a845844d4d3851c474e9e2ecdb07bd9c93637cbde55301
GET /.s/t/391/4.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 2674
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-a72"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/8.jpg
195.216.243.180200 OK 1.4 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/8.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 85x44, components 3\012- data
Hash f803d7998f68c346ddb944ac3fe225a5
c9ea8f54f1d2f4c3fca9cf5665b3a6572253ff80
5b70223b14223a96ce3178d255f8c2d5d8e94d6566d88e8d3809d1f3a05f4642
GET /.s/t/391/8.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 1361
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-551"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/21.gif
195.216.243.180200 OK 1.1 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/21.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 35 x 36\012- data
Hash 006ca33d48abc4b4e7206d2fd4d101a6
6c097ac43ccaa5de05be63694df85536e88db536
932ef7e44a591e174b56d1658fd1da34693804a81b72c99fce5ec481402a48f1
GET /.s/t/391/21.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 1134
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-46e"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_nw/0/81715957.jpg
195.216.243.180200 OK 16 kB URL HTTP/1.1 bookbest.moy.su/_nw/0/81715957.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x300, components 3\012- data
Hash ee69377e1846991c3c675f6de246b08a
8da81a3ddfe3de9eacf32c590854af6667b71520
adc0acb21dc8a527e799506c5d14b5c76e25f64fa166618ee03acfcc603ab890
GET /_nw/0/81715957.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 16031
Last-Modified: Wed, 17 Feb 2010 08:33:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b7ba9ef-3e9f"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_nw/0/45093900.jpg
195.216.243.180200 OK 18 kB URL HTTP/1.1 bookbest.moy.su/_nw/0/45093900.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 320x305, components 3\012- data
Hash 24d8e4bb5a895ee2b8c1b3172df026da
ede013d0039ff70f6da125f83bf46b7be343bad9
91eaac21babaf3f03cf9154fc903f0e42ba79ff0e2c050695867a82687ea9c11
GET /_nw/0/45093900.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 18061
Last-Modified: Thu, 18 Feb 2010 14:28:49 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b7d4ea1-468d"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ne-gnevi-boga.at.ua/zakladka.gif
195.216.243.237200 OK 52 kB URL HTTP/1.1 ne-gnevi-boga.at.ua/zakladka.gif
IP 195.216.243.237:0
File type GIF image data, version 89a, 160 x 200\012- data
Hash 79661d7b30bdb0ea4688d0a40929fc7d
2f1809d3c01c34041ef56ceee85bf3c3a4cc9882
212533593660c9c10e463945be6302740149ba08f683f545677379e75e8993cf
GET /zakladka.gif HTTP/1.1
Host: ne-gnevi-boga.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:36 GMT
Content-Type: image/gif
Content-Length: 52395
Last-Modified: Sun, 27 Feb 2011 15:04:29 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d6a67fd-ccab"
Expires: Thu, 15 Dec 2022 04:35:36 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_pu/0/53107055.jpg
195.216.243.180200 OK 20 kB URL HTTP/1.1 bookbest.moy.su/_pu/0/53107055.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x319, components 3\012- data
Hash ffa1ff4465c63141b40f70c9fa4e468f
ca93797dd7a75261f846a2a1a4d84a887c59efe1
2818c109a9889e9e2e7617233b5382bb36b75368f1281ac841edf4e481954d7d
GET /_pu/0/53107055.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 20248
Last-Modified: Mon, 15 Feb 2010 13:00:01 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b794551-4f18"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/13.jpg
195.216.243.180200 OK 1.3 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/13.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 85x39, components 3\012- data
Hash 95075a42a6a20677607b89d55c775c4a
0a161b4ea2b7b375511b743c8bb503b3d2885d7e
4ff10f0658c9a7c0f0f338ee82c997c723d4457f1f1c7bd63e0c88ad57cc62d9
GET /.s/t/391/13.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 1317
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-525"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/11.jpg
195.216.243.180200 OK 4.1 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/11.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 243x39, components 3\012- data
Hash 03f6748c75ecc1a4f3a7e323ecaaf850
9faa14df051268d2ff3228fddfa3f07a5cda4bd6
b46ecc25e10f6afb3f5ce8c9223d8dd03dc62aa0bd25291fbda578afd3099ae5
GET /.s/t/391/11.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 4052
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-fd4"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_bl/0/38628568.jpg
195.216.243.180200 OK 44 kB URL HTTP/1.1 bookbest.moy.su/_bl/0/38628568.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 300x472, components 3\012- data
Hash 55f2c01c2481dc3b707d5a33cdbdc5f8
db5de4ce78389a7d721b09c4840750da21f76b8e
2c2f935077097cb812050a8e27fdc44f474509120608818634b7d12a2fae49f8
GET /_bl/0/38628568.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 44175
Last-Modified: Mon, 25 Jan 2010 09:53:49 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5d6a2d-ac8f"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_bl/0/08431243.jpg
195.216.243.180200 OK 18 kB URL HTTP/1.1 bookbest.moy.su/_bl/0/08431243.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x297, components 3\012- data
Hash c2b73fff80d127e802b391aecec7053b
7bd519c337a47050156da5796f43988177c8a2da
1b31ad1c0d765a453c410b78bbd97bcb139796e04599ef92bb6e895e02631d0b
GET /_bl/0/08431243.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 17878
Last-Modified: Fri, 19 Feb 2010 08:47:07 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b7e500b-45d6"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_bl/0/32061518.jpg
195.216.243.180200 OK 14 kB URL HTTP/1.1 bookbest.moy.su/_bl/0/32061518.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x201, components 3\012- data
Hash c0ab58908a6eddafe706a44da1ab54bd
eecf7fcb4d0c211fe2709c3f09d0ecac497aa204
7420d0b3caf45ced1569a2cd04866c7a4ce9466d9d14b8fcb694f43ed402a40c
GET /_bl/0/32061518.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 13784
Last-Modified: Mon, 25 Jan 2010 09:39:17 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5d66c5-35d8"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_bl/0/27963026.jpg
195.216.243.180200 OK 18 kB URL HTTP/1.1 bookbest.moy.su/_bl/0/27963026.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x306, components 3\012- data
Hash fd228a64bca6a4d685b75492173faefd
0be0dacd60890d4cd0a3cf1e50ff4710b8ef65c0
13b2c93fb04937edf0edf50934ea7fcc07a7ebec45073d3e7526da5e1054bf51
GET /_bl/0/27963026.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 18184
Last-Modified: Mon, 25 Jan 2010 09:45:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5d684c-4708"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/news/_nw/0/08748270.jpg
195.216.243.180404 Not Found 2.7 kB URL HTTP/1.1 bookbest.moy.su/news/_nw/0/08748270.jpg
IP 195.216.243.180:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
GET /news/_nw/0/08748270.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
bookbest.moy.su/_bl/0/47517339.jpg
195.216.243.180200 OK 17 kB URL HTTP/1.1 bookbest.moy.su/_bl/0/47517339.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x310, components 3\012- data
Hash f249efbea7b5808ac875b49e0d04ea0a
ec5bb1de9e7893a89ac03bf7d93459dbc9958933
67666a5bd26f915591a649eaedf18f679b5636f0bf710251db0ee058a5d9200e
GET /_bl/0/47517339.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 17378
Last-Modified: Sun, 24 Jan 2010 12:56:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5c4393-43e2"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_pu/0/87058159.jpg
195.216.243.180200 OK 8.2 kB URL HTTP/1.1 bookbest.moy.su/_pu/0/87058159.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 164x198, components 3\012- data
Hash 4eb13370e8c94051cf4d64a3f0c206bc
464e2b1813623ec64a9ef12216d088ee214bbf4d
4eed4991cc639b39c3a4c00fd8112432a977915d940658782386344cbf4de473
GET /_pu/0/87058159.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 8230
Last-Modified: Sun, 14 Feb 2010 11:40:19 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b77e123-2026"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/_pu/0/65732298.jpg
195.216.243.180200 OK 48 kB URL HTTP/1.1 bookbest.moy.su/_pu/0/65732298.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 500x447, components 3\012- data
Hash 85f49ac2f2c62d2801e3761ce3b92945
bb4e1580439ad74ef4e0692a1d336fffd4d2137c
e3a6d4d39b1444cb0fa1a961eaa46dab0b3882c5b56a2f9033b7d9e695c54b3d
GET /_pu/0/65732298.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 48185
Last-Modified: Sat, 20 Feb 2010 11:39:43 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b7fc9ff-bc39"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/5.jpg
195.216.243.180200 OK 9.7 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/5.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 243x91, components 3\012- data
Hash fa60210507c4eb1c7fbb677065b4da72
baef120081df10990be333a0a0671718c8b7dd15
c1cec72e00ccd7ab0e0077e89cb9c2b8d81accf637f693dd946c849b7cdfc17c
GET /.s/t/391/5.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 9724
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-25fc"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/stat/1669350938
195.216.243.180200 OK 393 B URL HTTP/1.1 bookbest.moy.su/stat/1669350938
IP 195.216.243.180:0
File type GIF image data, version 87a, 88 x 31\012- data
Hash 234a79a2647de89920ad9250248ac6c2
0632b2895ac0a383a60302ec467d2933613225f5
fe3399a7ccb82937997f3241dcdd2921663278e5ad79e95a604b0cf4434bcab7
Analyzer Verdict Alert fortinet Malware
GET /stat/1669350938 HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
bookbest.moy.su/_pu/0/96033566.jpg
195.216.243.180200 OK 12 kB URL HTTP/1.1 bookbest.moy.su/_pu/0/96033566.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x269, components 3\012- data
Hash 2e9214a9af94110951dee0401393f83e
c6c62542cd09fac61d753b75e351bc1b13265eed
a6814d60c126a397c512fbbd5ff9546f94886230f78f0c97b98f41eccd3c6989
GET /_pu/0/96033566.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 11748
Last-Modified: Sun, 14 Feb 2010 10:38:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b77d2a2-2de4"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/1.jpg
195.216.243.180200 OK 12 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/1.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash f82a4b02e693b0d0d73eaf4f718c92f9
2da7d61df32645b4bb73796cd6b4c24124fd53b6
114b5ebf1a47bd8b53faf179ade25effb106a20fdaf4b400186e27d63b5e5f71
GET /.s/t/391/1.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 11746
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-2de2"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/3.jpg
195.216.243.180200 OK 12 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/3.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 584x52, components 3\012- data
Hash 4043c965cedec413361e721422f01f45
2975327ef9807f5e08e8ab8d0e6ab976e23de6fb
0d3d6e6c45b18c0266a40a8fa898a76bc4aebcd4cc31d99574267117bcb00768
GET /.s/t/391/3.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 12268
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-2fec"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/6.jpg
195.216.243.180200 OK 11 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/6.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 584x91, components 3\012- data
Hash ae998a9a2684ba449f9bca8e3255b5fa
cb21ab8bd8cbb1e4cabdf76e441b39643db9a68b
73b44a36cc3b4c241e6e0438c78ba658581e002f7b04e3ebf52b07383ad43b4d
GET /.s/t/391/6.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 10760
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-2a08"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/14.gif
195.216.243.180200 OK 5.3 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/14.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 217 x 41\012- data
Hash ecd5d8e3aac31bd5fbcf2fc76552b568
4993f24e30d64611018ae9729876671ab849eb14
1f07a4b76ca648941d5d7095d2f2cb1b032519d691fbf7dd0634f0974adb97ec
GET /.s/t/391/14.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 5277
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-149d"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/img/icon/social/u.svg
195.216.243.180200 OK 612 B URL HTTP/1.1 bookbest.moy.su/.s/img/icon/social/u.svg
IP 195.216.243.180:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1e726893f02be39b70d24d502a3a9998
98c6fcf43a67426ed7e9c7a839e8115494ca8072
d0608cf0c4aff79f20a198427f7df73300d643face9bea72b8d406b432b84df9
Analyzer Verdict Alert fortinet Malware
GET /.s/img/icon/social/u.svg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 612
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-264"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/16.jpg
195.216.243.180200 OK 4.3 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/16.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 204x135, components 3\012- data
Hash b9af8a7da3c70e4c0bdd2fccd8dc3c8b
589233619946f502db5d3fe73323b700b0ecd3d4
96fd85de1dac3f01685863f76493c7a21dce80d452e8bbe7dfd045f282738934
GET /.s/t/391/16.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 4324
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-10e4"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/img/icon/social/vk.svg
195.216.243.180200 OK 772 B URL HTTP/1.1 bookbest.moy.su/.s/img/icon/social/vk.svg
IP 195.216.243.180:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 7c4eb8cae0b565c023c4406add5f8041
079ce5d3277df672b57a73476a28d0bf0b1c1fe2
05a3f8587400860aa87bb18c9a9cd5b22a45ca4fc4a37a7922d29e48549b2fc9
Analyzer Verdict Alert fortinet Malware
GET /.s/img/icon/social/vk.svg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 772
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-304"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/img/icon/social/fb.svg
195.216.243.180200 OK 611 B URL HTTP/1.1 bookbest.moy.su/.s/img/icon/social/fb.svg
IP 195.216.243.180:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash d178cc46dcbcf2b6f19445674fe3fe58
26f9747489d9e796926f7bbe11817c420afda3af
a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf
Analyzer Verdict Alert fortinet Malware
GET /.s/img/icon/social/fb.svg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 611
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-263"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/img/icon/social/ya.svg
195.216.243.180200 OK 660 B URL HTTP/1.1 bookbest.moy.su/.s/img/icon/social/ya.svg
IP 195.216.243.180:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 7676c3eee5bd955efe08fd05367a443b
595e4e8dbf5ff472606434d0f45806d088de4c0c
b72d3f61ac56b4aa27bad5769589705004aff1f0ad341785ca72dc46ba16de5b
Analyzer Verdict Alert fortinet Malware
GET /.s/img/icon/social/ya.svg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 660
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-294"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
www.seven-zone.3dn.ru/200x40.png
195.216.243.180301 Moved Permanently 178 B URL HTTP/1.1 www.seven-zone.3dn.ru/200x40.png
IP 195.216.243.180:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /200x40.png HTTP/1.1
Host: www.seven-zone.3dn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://www.seven-zone.3dn.ru/200x40.png
X-Frame-Options: SAMEORIGIN
bookbest.moy.su/.s/img/icon/social/gp.svg
195.216.243.180200 OK 550 B URL HTTP/1.1 bookbest.moy.su/.s/img/icon/social/gp.svg
IP 195.216.243.180:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (534), with no line terminators
Hash 10d296226de121de55180e5b1b7d9d49
5980293f4f290734d09459d068a8c3996e43fe40
a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d
Analyzer Verdict Alert fortinet Malware
GET /.s/img/icon/social/gp.svg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 550
Last-Modified: Fri, 01 Feb 2019 12:57:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c544236-226"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/19.gif
195.216.243.180200 OK 3.0 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/19.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 194 x 36\012- data
Hash f11ff969570093d71ab245c2896e1e03
37cbd930cd4ce12782db74baf5274bad3af04b6e
904c098d5ee7b2ca39da7ab02892427c748a8c4b099099846ef10dae1b13a4b1
GET /.s/t/391/19.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 3000
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-bb8"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/img/icon/social/ok.svg
195.216.243.180200 OK 1.9 kB URL HTTP/1.1 bookbest.moy.su/.s/img/icon/social/ok.svg
IP 195.216.243.180:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 08bbc2fa9b08463b0d061041d62b408e
370c53ccc3edd296cd35fb9e3de20dabfdae78d9
e1369586f1d82834ecc0ccab2f5f1a6f7565f2c715243d956bd7eb1404c8fba9
Analyzer Verdict Alert fortinet Malware
GET /.s/img/icon/social/ok.svg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/social.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 1858
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-742"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/22.gif
195.216.243.180200 OK 1.7 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/22.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 35 x 84\012- data
Hash 70487ef2a47b0e8560de37d270f4f8b6
2de8dfadc85e88dc39811a8aaea7453f8f22e21b
25a3607aa4b997e6b110851955ad7573602431972771fb915a9cfd4e99a0bfef
GET /.s/t/391/22.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 1733
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-6c5"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/25.gif
195.216.243.180200 OK 1.9 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/25.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 109 x 36\012- data
Hash a2af2f3cdb346849a3b412b94ccb613f
72f3fb9b6dc0a504a33f5db129823e249e292279
92d277b1994f526d40c7efda62c9aad4cf018d1fc28373a66732d44ac19349d0
GET /.s/t/391/25.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 1881
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-759"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
s39.ucoz.net/.s/t/391/31.gif
195.216.243.180200 OK 398 B URL HTTP/1.1 s39.ucoz.net/.s/t/391/31.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 15 x 15\012- data
Hash f0ff5cd90f9c1369329d76b3d6fee20e
749314dc214b24284aa779a3c280ba3e68834037
7121d935644b856ce3c00c1646b61ed00c39ae468e4e9c5a3af0d9e16f0bcfb9
GET /.s/t/391/31.gif HTTP/1.1
Host: s39.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s39.ucoz.net/src/css/391.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 398
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-18e"
Expires: Mon, 05 Dec 2022 04:35:38 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
s39.ucoz.net/.s/t/391/32.gif
195.216.243.180200 OK 65 B URL HTTP/1.1 s39.ucoz.net/.s/t/391/32.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 10 x 13\012- data
Hash 48424855072e84dd95ebb222fe3aec9e
f7732c14ebc3aa5deb7a6bcb0e8ddaa7a21d7471
3b6ac93f722df18f7b14319258328a097c3f44252ce3286abcbedb9c5bb6c4f9
GET /.s/t/391/32.gif HTTP/1.1
Host: s39.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s39.ucoz.net/src/css/391.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 65
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-41"
Expires: Mon, 05 Dec 2022 04:35:38 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
bookbest.moy.su/.s/img/stars/3/12.png
195.216.243.180200 OK 1.2 kB URL HTTP/1.1 bookbest.moy.su/.s/img/stars/3/12.png
IP 195.216.243.180:0
File type PNG image data, 12 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 350693463200bbe9388eec7d1a208289
9a310a7dd3c068636b224d253e0df9ce09784df2
aa22bfd07d6d73ee1e2fc304bf81625c716e83f81e1dfc044560b54595bdec28
GET /.s/img/stars/3/12.png HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/png
Content-Length: 1161
Last-Modified: Mon, 21 Nov 2022 12:38:37 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b714d-489"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/img/sh/wait.gif
195.216.243.180200 OK 265 B URL HTTP/1.1 bookbest.moy.su/.s/img/sh/wait.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 32 x 8\012- data
Hash c44da6bb38458d2c57e23104c53d8e05
5e9352aa3d0b522fff659c48299d1b3006c78f47
163da6b91f78ccad8c824ef31e5dbd2a89fb8d93f2381d43faa96acf502ca3e8
GET /.s/img/sh/wait.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/.s/src/base.min.css
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 265
Last-Modified: Mon, 21 Nov 2022 12:38:33 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7149-109"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/23.gif
195.216.243.180200 OK 2.3 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/23.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 35 x 121\012- data
Hash 22bd2ad9b32cc958086cdc7c55459836
d5cadbfa878635cbf9df3e21a43beded2cd7cdee
b34e4337ee005a7fd112629ba4278ee82aaccc43825f16a1da58664566ebbab6
GET /.s/t/391/23.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 2262
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-8d6"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3fe7f5358590c26b5605260f4a9d879f
555b41baee7e451c086997339ba1968df510c950
3019b8d14e9c7ccac27d13b596eb86104f6f6e78445879cc8aceb8e0cc22f1ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3019B8D14E9C7CCAC27D13B596EB86104F6F6E78445879CC8ACEB8E0CC22F1AD"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7076
Expires: Fri, 25 Nov 2022 06:33:32 GMT
Date: Fri, 25 Nov 2022 04:35:36 GMT
Connection: keep-alive
bookbest.moy.su/.s/t/391/15.gif
195.216.243.180200 OK 4.4 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/15.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 217 x 28\012- data
Hash 50a7df02972d0361f129981184ba0b7d
e5313a2938bb7483ab9af64e2c190fd92d04458c
6ed7d3115c990a58ee4712a3f97088d80466f84bd7cd9a4da6698518fb83fbfd
GET /.s/t/391/15.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 4355
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-1103"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
s39.ucoz.net/.s/t/391/33.gif
195.216.243.180200 OK 48 B URL HTTP/1.1 s39.ucoz.net/.s/t/391/33.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 5 x 5\012- data
Hash 9750eb0573078058e4687dcba2794e89
e12a68b54a9eb1373083c1c35e020ec1b1561c16
b429a2de9dc7b091cb845285fab32e6004b12b5fbdcd66e43e9d34cba5b9e0a3
GET /.s/t/391/33.gif HTTP/1.1
Host: s39.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s39.ucoz.net/src/css/391.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 48
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-30"
Expires: Mon, 05 Dec 2022 04:35:38 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/17.gif
195.216.243.180200 OK 4.3 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/17.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 217 x 28\012- data
Hash 04953855b4c2e80dd26ccc83cba263c5
3195fd297c6d30e50c0d6cd08e926e43eee5c644
01855d6c4994e270975628b0e08696aa45956ce1cd421357e66bd59c58ed0844
GET /.s/t/391/17.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 4347
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-10fb"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3fe7f5358590c26b5605260f4a9d879f
555b41baee7e451c086997339ba1968df510c950
3019b8d14e9c7ccac27d13b596eb86104f6f6e78445879cc8aceb8e0cc22f1ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3019B8D14E9C7CCAC27D13B596EB86104F6F6E78445879CC8ACEB8E0CC22F1AD"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7076
Expires: Fri, 25 Nov 2022 06:33:32 GMT
Date: Fri, 25 Nov 2022 04:35:36 GMT
Connection: keep-alive
bookbest.moy.su/.s/t/391/18.gif
195.216.243.180200 OK 1.1 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/18.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 35 x 36\012- data
Hash eb99082b0574634faab224860e50f12e
b45a5ad52fdc936f09be4044916eca9319cc4421
9a68e9c1ed6af4f9255a29d7849bbb712c603e7b4e4b3955c2632c15ad1c0579
GET /.s/t/391/18.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 1135
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-46f"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/20.gif
195.216.243.180200 OK 4.7 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/20.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 277 x 36\012- data
Hash 1a3abe4f6ca8db93b93110a5b4f7a5f9
f58603e4a1cf8511527c2de7fcc87309d669b100
bc76500c2f81cda5509175393b61593f6ef998b4422cf0371f853da175eef9d4
GET /.s/t/391/20.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 4731
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-127b"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/img/icon/thumbu2_.png
195.216.243.180200 OK 200 B URL HTTP/1.1 bookbest.moy.su/.s/img/icon/thumbu2_.png
IP 195.216.243.180:0
File type PNG image data, 12 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ddcef35af64306e1a5c565e9ad6d345
7af92db5caa84bc8885fa4eb944e2e435bc280d0
631351c46214f59ec4af48f9fcccecfbe1209b76265900431ba1c7a74acb92ec
GET /.s/img/icon/thumbu2_.png HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/png
Content-Length: 200
Last-Modified: Mon, 21 Nov 2022 12:38:24 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7140-c8"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4698
Cache-Control: max-age=107371
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:36 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:25:07 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
bookbest.moy.su/.s/img/icon/thumbd2_.png
195.216.243.180200 OK 212 B URL HTTP/1.1 bookbest.moy.su/.s/img/icon/thumbd2_.png
IP 195.216.243.180:0
File type PNG image data, 12 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash 250cd363aa4f1f290624d43d4f71d762
3fc6e82c8eb89610a6aaaa90b5f91449df94bb74
92b935b6112c66bdeb8051cc585d945fe8e3fd9e470300720d12821a4617fc86
GET /.s/img/icon/thumbd2_.png HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/png
Content-Length: 212
Last-Modified: Mon, 21 Nov 2022 12:38:24 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7140-d4"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/26.gif
195.216.243.180200 OK 5.4 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/26.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 299 x 36\012- data
Hash a49be591ac6caefba84c1b5f1c7e49e2
7b4d58c138523c81de9f2dff6e3500e626963b18
ea3b57f7d4db0985df22637de9b34c7c2745b00609eaf83dda3ee0da34fbb566
GET /.s/t/391/26.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 5361
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-14f1"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/?JmkA3hH7lM5fpuwMagu5hRkYQpIi9wCa%5EiQuzdBhqO5B0SCBEkNbRDhT0gjezwBhIfMZh6kSAfmsJ7EA0UwZ%5Ewoo
195.216.243.180200 OK 800 B URL HTTP/1.1 bookbest.moy.su/?JmkA3hH7lM5fpuwMagu5hRkYQpIi9wCa%5EiQuzdBhqO5B0SCBEkNbRDhT0gjezwBhIfMZh6kSAfmsJ7EA0UwZ%5Ewoo
IP 195.216.243.180:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2e171d137fe10e8019774ec3983057b2
f7d706f1498308d9d5e6b4ee952e45045bd1c81c
ebcdfadeba8fe9b659d095327de5958e4512fcea839be792599504643948ed53
Analyzer Verdict Alert fortinet Malware
GET /?JmkA3hH7lM5fpuwMagu5hRkYQpIi9wCa%5EiQuzdBhqO5B0SCBEkNbRDhT0gjezwBhIfMZh6kSAfmsJ7EA0UwZ%5Ewoo HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip
bookbest.moy.su/.s/t/391/27.gif
195.216.243.180200 OK 1.1 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/27.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 35 x 36\012- data
Hash 5d9bfcc18f29bae9e566ff529b4271d2
606caadd96ab0b1452d2bbb9445aebcc5b0e3686
c2a3a61df5444a996a2ed6dc17b989b80b8a61f3309a53e8317fc1e2a6a637ee
GET /.s/t/391/27.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 1141
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-475"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/24.gif
195.216.243.180200 OK 1.1 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/24.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 35 x 36\012- data
Hash 5605b9e93b375c1cab4221b5f089090f
6658c89e0955bb8f358f24f224f3854bda4c80f6
60ba66dbaa82fd6a2fd8f3ea2e838836673fb7ddaed9a2e73351822342767121
GET /.s/t/391/24.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 1136
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-470"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
s39.ucoz.net/adv/dummy/000/css/style.css
195.216.243.180200 OK 1.6 kB URL HTTP/1.1 s39.ucoz.net/adv/dummy/000/css/style.css
IP 195.216.243.180:0
Hash 50406c447ccad47ca9e5d53eff612ffb
16e3921585135a87a1066689c9c67a312d96c92d
01a0732bba96fb38be885a1d233fecf52e32c7e07e48cd05f6f07a3690ea304c
GET /adv/dummy/000/css/style.css HTTP/1.1
Host: s39.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5c9a36fd-19eb"
Content-Encoding: gzip
s39.ucoz.net/adv/dummy/000/img/ucoz-logo.png
195.216.243.180200 OK 4.6 kB URL HTTP/1.1 s39.ucoz.net/adv/dummy/000/img/ucoz-logo.png
IP 195.216.243.180:0
File type PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 14d37a3409afc2c450c62b97bc8019da
43fc12bf16a292d6d10b17ab7d1e37785288858c
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2
GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1
Host: s39.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/png
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fd-11e9"
Accept-Ranges: bytes
bookbest.moy.su/.s/t/391/28.gif
195.216.243.180200 OK 9.9 kB URL HTTP/1.1 bookbest.moy.su/.s/t/391/28.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 150 x 106\012- data
Hash cee34dc8f64c0692eafbd12a9fa74d20
71b64639df9a89124662fa971c1d0b4f6143a16a
ae3b93e61d0223ece863fe18510355b3676ab928461ef01d7e90be66d09ec41d
GET /.s/t/391/28.gif HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 9903
Last-Modified: Thu, 18 Feb 2016 13:02:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56c5c0cc-26af"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0eea28ee764a70bd69a31c049dd4a1f
b8c17b0a0120999f3ef1af25d394c06260cd5453
c92a2a8386fdda2606795b9a1611e28c1514deecd4c9aea85be6af562bfcf221
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C92A2A8386FDDA2606795B9A1611E28C1514DEECD4C9AEA85BE6AF562BFCF221"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12836
Expires: Fri, 25 Nov 2022 08:09:33 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 451acb9160243837fad2ac5e316cde5c
740c203cf10ee51997d7831b1a7b9463193be3f3
ed30399343cf6ffc75d083cb07e3fd761f7498f1aff1a242ff3b938bd85c145a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED30399343CF6FFC75D083CB07E3FD761F7498F1AFF1A242FF3B938BD85C145A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Fri, 25 Nov 2022 07:55:53 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 451acb9160243837fad2ac5e316cde5c
740c203cf10ee51997d7831b1a7b9463193be3f3
ed30399343cf6ffc75d083cb07e3fd761f7498f1aff1a242ff3b938bd85c145a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED30399343CF6FFC75D083CB07E3FD761F7498F1AFF1A242FF3B938BD85C145A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Fri, 25 Nov 2022 07:55:53 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhdbcode.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhdbcode.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/1/?cb_url=https%3A%2F%2Fhdbcode.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent= HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-length: 0
location: https://hdbcode.com/setuid?IMI6tnJzixXIWP3jjeTh
set-cookie: jcsuuid=IMI6tnJzixXIWP3jjeTh; expires=Sat, 25 Nov 2023 04:35:37 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.148.69.31101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Kshi195rPMDTKGuq/0ozCg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u52a50Ofh8vzRNpLtHQc9BX/QUs=
themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
142.250.74.33200 OK 60 kB URL HTTP/2 themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
IP 142.250.74.33:0
File type Web Open Font Format, TrueType, length 60332, version 1.1\012- data
Hash 0d6d6ae28614efe13ec053eaeef473c1
20cd1c419ba0763bb4bbb1435bc0aed00452af2e
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1
GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bookbest.moy.su
Connection: keep-alive
Referer: https://s39.ucoz.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 60332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 15:09:24 GMT
expires: Wed, 22 Nov 2023 15:09:24 GMT
cache-control: public, max-age=31536000
age: 221173
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rot.spotsniper.ru/?src=ujs6
31.172.81.160200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6 HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
rot.spotsniper.ru/?src=ujs6&s_subid=btn
31.172.81.160200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6&s_subid=btn
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6&s_subid=btn HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
hdbcode.com/setuid?IMI6tnJzixXIWP3jjeTh
185.98.54.153200 OK 74 B URL HTTP/2 hdbcode.com/setuid?IMI6tnJzixXIWP3jjeTh
IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /setuid?IMI6tnJzixXIWP3jjeTh HTTP/1.1
Host: hdbcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bookbest.moy.su/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/png
content-length: 74
set-cookie: dmpUid=IMI6tnJzixXIWP3jjeTh; expires=Sat, 25 Nov 2023 04:35:37 GMT; domain=hdbcode.com; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322613&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567
185.98.54.153200 OK 0 B URL HTTP/2 hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322613&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567
IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322613&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567 HTTP/1.1
Host: hdbcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bookbest.moy.su
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://bookbest.moy.su
X-Firefox-Spdy: h2
hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322502&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567
185.98.54.153200 OK 0 B URL HTTP/2 hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322502&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567
IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322502&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567 HTTP/1.1
Host: hdbcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bookbest.moy.su
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://bookbest.moy.su
X-Firefox-Spdy: h2
s39.ucoz.net/adv/dummy/000/img/bg.gif
195.216.243.180200 OK 1.3 kB URL HTTP/1.1 s39.ucoz.net/adv/dummy/000/img/bg.gif
IP 195.216.243.180:0
File type GIF image data, version 89a, 485 x 3\012- data
Hash b19967d808ed7c42b41316d6c8474f55
18d80748bd4041b13a3373a429281ec65347a0e2
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50
GET /adv/dummy/000/img/bg.gif HTTP/1.1
Host: s39.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s39.ucoz.net/adv/dummy/000/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/gif
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fd-4f4"
Accept-Ranges: bytes
bookbest.moy.su/_bl/0/26046471.jpg
195.216.243.180200 OK 20 kB URL HTTP/1.1 bookbest.moy.su/_bl/0/26046471.jpg
IP 195.216.243.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 250x250, components 3\012- data
Hash 7413fe00cb76a94e0b852aa654dd0ace
7add729c4118805308aef03e72d4915bfd51c09f
8d66fc26d594d911b114346304b2db3bc996736285348165601c5cb07a0f877e
GET /_bl/0/26046471.jpg HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: image/jpeg
Content-Length: 19961
Last-Modified: Sun, 24 Jan 2010 12:49:01 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5c41bd-4df9"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash a77fc3778b437a40010bfe083464e46b
69165ad38149a340aaba84e198cf792dddbbbb93
1c5aa97c33e91634bbfb0b3607560efef5d45069ab09f4a89f0e8b5de64abc61
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:20:33 GMT
ETag: "69165ad38149a340aaba84e198cf792dddbbbb93"
Last-Modified: Fri, 25 Nov 2022 02:20:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3335
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7adbd785db4fa-OSL
counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;s1280*1024*24;uhttps%3A//bookbest.moy.su/%3FJmkA3hH7lM5fpuwMagu5hRkYQpIi9wCa%255EiQuzdBhqO5B0SCBEkNbRDhT0gjezwBhIfMZh6kSAfmsJ7EA0UwZ%255Ewoo;1669350936637
88.212.201.204200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;s1280*1024*24;uhttps%3A//bookbest.moy.su/%3FJmkA3hH7lM5fpuwMagu5hRkYQpIi9wCa%255EiQuzdBhqO5B0SCBEkNbRDhT0gjezwBhIfMZh6kSAfmsJ7EA0UwZ%255Ewoo;1669350936637
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoz_topline_worldwide?rhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;s1280*1024*24;uhttps%3A//bookbest.moy.su/%3FJmkA3hH7lM5fpuwMagu5hRkYQpIi9wCa%255EiQuzdBhqO5B0SCBEkNbRDhT0gjezwBhIfMZh6kSAfmsJ7EA0UwZ%255Ewoo;1669350936637 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Wed, 24 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
dm-eu.hybrid.ai/match?id=158&vid=IMI6tnJzixXIWP3jjeTh
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=158&vid=IMI6tnJzixXIWP3jjeTh
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=158&vid=IMI6tnJzixXIWP3jjeTh HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 04:35:37 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=a47800a53901b929164a; expires=Sat, 25 Nov 2023 04:35:35 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 528
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash abbae2250c9b080fc65356602f301b09
413649c51445a884c3ee9c772ea08dcd4576ef82
905e3845c43132a77dc31fadf25f941e55f585c52a3aa57ed47f2200ad8b4af7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905E3845C43132A77DC31FADF25F941E55F585C52A3AA57ED47F2200AD8B4AF7"
Last-Modified: Thu, 24 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2923
Expires: Fri, 25 Nov 2022 05:24:20 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
z.cdn.adtarget.me/smc?s=22&u=IMI6tnJzixXIWP3jjeTh
212.32.253.229204 No Content 0 B URL HTTP/2 z.cdn.adtarget.me/smc?s=22&u=IMI6tnJzixXIWP3jjeTh
IP 212.32.253.229:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smc?s=22&u=IMI6tnJzixXIWP3jjeTh HTTP/1.1
Host: z.cdn.adtarget.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 04:29:25 GMT
X-Firefox-Spdy: h2
hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322613&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567
185.98.54.153200 OK 6.0 kB URL HTTP/2 hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322613&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567
IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
Hash fd0f7f228032bb357e65c8e8c1aa2d1b
ce87fd8f043d820cfea40fec7d98ebb44f8ba224
b3e77d78385aa276b424132aab9cb34b85e201c54046f336b96bf423304a2153
GET /get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322613&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567 HTTP/1.1
Host: hdbcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://bookbest.moy.su
Connection: keep-alive
Cookie: dmpUid=IMI6tnJzixXIWP3jjeTh
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://bookbest.moy.su
content-encoding: gzip
X-Firefox-Spdy: h2
bookbest.moy.su/favicon.ico
195.216.243.180200 OK 2.2 kB URL HTTP/1.1 bookbest.moy.su/favicon.ico
IP 195.216.243.180:0
File type MS Windows icon resource - 1 icon, 32x32, 8 colors\012- data
Hash 151633b600985be6e43e42f2085d6a3a
93147a1df6e5575678b30d117597f794f40c3280
9fd26d821561b2c8053bdfbb90394d5a16bd2c4036f30e7b1831f67f75ba90a4
GET /favicon.ico HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1; kdSspUid=e26dc016-642e-4f94-9041-604eaaec4567
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:39 GMT
Content-Type: image/x-icon
Content-Length: 2238
Last-Modified: Sun, 17 Jan 2010 17:37:53 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b534af1-8be"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;1669350935981
88.212.201.204200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;1669350935981
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;clickgate08?r;s1280*1024*24;uhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;1669350935981 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Wed, 24 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
uuidksinc.net/matchx?gdpr=0&gdpr_consent=
31.220.27.135200 OK 1.1 kB URL HTTP/2 uuidksinc.net/matchx?gdpr=0&gdpr_consent=
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1809)
Hash 29ebcadbee56ab5951c64fa18c3b711e
622e5fb682dcbd8d87b875ec29770a85a8cefcb0
dff3b6ec1ce9626bc2d1e942770ccc7b2ded856135aeb10ea1c2582b87fd3014
GET /matchx?gdpr=0&gdpr_consent= HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Cookie: jcsuuid=IMI6tnJzixXIWP3jjeTh
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js
142.250.74.163200 OK 167 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (1329)
Size 167 kB (167119 bytes)
Hash e269c265007dcb5ecc3f2aa6155bc52a
cb8eed3b2684c2767bf45d652f6d630740051d04
85d7f1b40b063a3a07449151918eb63b85f2c6ff5d54936618a1a737ab5c7dbf
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bookbest.moy.su
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 167119
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 17:40:52 GMT
expires: Fri, 24 Nov 2023 17:40:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 39285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322502&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567
185.98.54.153200 OK 9.6 kB URL HTTP/2 hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322502&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567
IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
Hash 5edfd4a434e557e15149711cea34e6b4
d8df7a26cf7a12a14d1bf5388ff6a6bcfae3bd2e
767292a52c010ccd5d7053e3e1ec688bc11bf22c1c606de47b0e10da5c349a5b
GET /get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=bookbest.moy.su&blockID=322502&width=728&height=476&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=e26dc016-642e-4f94-9041-604eaaec4567 HTTP/1.1
Host: hdbcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://bookbest.moy.su
Connection: keep-alive
Cookie: dmpUid=IMI6tnJzixXIWP3jjeTh
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://bookbest.moy.su
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash c418f8f464fcc8a418d6740e1fb4e0d5
8f00308b1861205feb5790fc15b36af225498011
8a74951003072df8401ae3ac8cc46a0cf7bbff2182f3f76f1bac93a2754c3eb3
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:47:36 GMT
ETag: "8f00308b1861205feb5790fc15b36af225498011"
Last-Modified: Fri, 25 Nov 2022 02:47:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2444
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f7adbf3a31b4ff-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.uuidksinc.net/match/760/c962523a5b324e01a5e860624fa3db73
31.220.27.135200 OK 74 B URL HTTP/2 s.uuidksinc.net/match/760/c962523a5b324e01a5e860624fa3db73
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/760/c962523a5b324e01a5e860624fa3db73 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=IMI6tnJzixXIWP3jjeTh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/png
content-length: 74
set-cookie: jcsuuid=IMI6tnJzixXIWP3jjeTh; expires=Sat, 25 Nov 2023 04:35:37 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c36207244507e0bbc87a5cc320a68fd7
0ac505ff2027f829304411099c732039b1178cc8
ed76f66953f380a612c4495145db5e8d9b536e4d96e7f5cf6d7718e158773b16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED76F66953F380A612C4495145DB5E8D9B536E4D96E7F5CF6D7718E158773B16"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4143
Expires: Fri, 25 Nov 2022 05:44:40 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c36207244507e0bbc87a5cc320a68fd7
0ac505ff2027f829304411099c732039b1178cc8
ed76f66953f380a612c4495145db5e8d9b536e4d96e7f5cf6d7718e158773b16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED76F66953F380A612C4495145DB5E8D9B536E4D96E7F5CF6D7718E158773B16"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4143
Expires: Fri, 25 Nov 2022 05:44:40 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c36207244507e0bbc87a5cc320a68fd7
0ac505ff2027f829304411099c732039b1178cc8
ed76f66953f380a612c4495145db5e8d9b536e4d96e7f5cf6d7718e158773b16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED76F66953F380A612C4495145DB5E8D9B536E4D96E7F5CF6D7718E158773B16"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4143
Expires: Fri, 25 Nov 2022 05:44:40 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Fri, 25 Nov 2022 04:35:37 GMT
access-control-allow-origin: *
etag: "637f41b2-11e33"
expires: Fri, 25 Nov 2022 05:35:37 GMT
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
i.cdnkimg.com/auto/500x175/image/tesr/5598/598/rect_6367e10210e40t1667752194r6985.jpg
45.133.44.36200 OK 58 kB URL HTTP/2 i.cdnkimg.com/auto/500x175/image/tesr/5598/598/rect_6367e10210e40t1667752194r6985.jpg
IP 45.133.44.36:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 500x175, components 3\012- data
Hash 54babbaa9b539b72d615a62364253770
f68b002ca066ed6c0a364cc66975de17d3579eed
2459e3da24aae984b079c4c3b6732c72546a6781d1fee7c7d8b2815a367d70c4
GET /auto/500x175/image/tesr/5598/598/rect_6367e10210e40t1667752194r6985.jpg HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/jpeg
content-length: 57706
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Fri, 09 Dec 2022 04:35:37 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.195200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bookbest.moy.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:19:49 GMT
expires: Fri, 24 Nov 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 80148
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.cdnkimg.com/auto/500x175/image/tesr/2064/64/rect_6324c76edd512t1663354734r3464.jpeg
45.133.44.36200 OK 49 kB URL HTTP/2 i.cdnkimg.com/auto/500x175/image/tesr/2064/64/rect_6324c76edd512t1663354734r3464.jpeg
IP 45.133.44.36:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 500x175, components 3\012- data
Hash f8cb974015e9c2a990988db1d76a8b8b
5249819d191feee626ecda66be5f895533beb354
d838214601d9062b90c99431f457491886d40b334b6d149edaff9f065f35da68
GET /auto/500x175/image/tesr/2064/64/rect_6324c76edd512t1663354734r3464.jpeg HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/jpeg
content-length: 49109
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Fri, 09 Dec 2022 04:35:37 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bookbest.moy.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 118889
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.cdnkimg.com/auto/500x175/image/tesr/4607/607/rect_63665e752ca7dt1667653237r8782.png
45.133.44.36200 OK 83 kB URL HTTP/2 i.cdnkimg.com/auto/500x175/image/tesr/4607/607/rect_63665e752ca7dt1667653237r8782.png
IP 45.133.44.36:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 500 x 175, 8-bit/color RGB, non-interlaced\012- data
Hash 1522b79e7fbef585ebcf720666a526cf
d67509f4dbe5a5b2f1870cbcea2fd48513e8af39
d48aef40b009ac7e8c797bc06c81c64981c10b8a072857aa59daf90a1fae4899
GET /auto/500x175/image/tesr/4607/607/rect_63665e752ca7dt1667653237r8782.png HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/png
content-length: 82582
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: HIT
expires: Fri, 09 Dec 2022 04:35:37 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 15df2bd9ce610424bc3aa7dae9cb8738
1f89b1a1dbbc218b26e09e36e5ee3e35f41ca904
efe9e450ba46079f83c6ffd00c720facd83094651b7677702ca105e0dfd3e950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFE9E450BA46079F83C6FFD00C720FACD83094651B7677702CA105E0DFD3E950"
Last-Modified: Thu, 24 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20305
Expires: Fri, 25 Nov 2022 10:14:02 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0c4b7bd0043f38900dcd06a39a3b753
90885dab979de3a357b4bd82a9d5320fe1196dd9
92126a391e8a783a28f9678d6a8353b792bef737b961654c410e75e2a78ada1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92126A391E8A783A28F9678D6A8353B792BEF737B961654C410E75E2A78ADA1F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5193
Expires: Fri, 25 Nov 2022 06:02:10 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0c4b7bd0043f38900dcd06a39a3b753
90885dab979de3a357b4bd82a9d5320fe1196dd9
92126a391e8a783a28f9678d6a8353b792bef737b961654c410e75e2a78ada1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92126A391E8A783A28F9678D6A8353B792BEF737B961654C410E75E2A78ADA1F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5193
Expires: Fri, 25 Nov 2022 06:02:10 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 15df2bd9ce610424bc3aa7dae9cb8738
1f89b1a1dbbc218b26e09e36e5ee3e35f41ca904
efe9e450ba46079f83c6ffd00c720facd83094651b7677702ca105e0dfd3e950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFE9E450BA46079F83C6FFD00C720FACD83094651B7677702CA105E0DFD3E950"
Last-Modified: Thu, 24 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20305
Expires: Fri, 25 Nov 2022 10:14:02 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24dec10c6edd46b6aa70f82e82dd032a
85de4dc190500f1211c1512a431d0b3753362bc9
b9609c49131cb0e29043d4e425b5079c77319cf2dd288508ddd9dc6e9abd4e51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9609C49131CB0E29043D4E425B5079C77319CF2DD288508DDD9DC6E9ABD4E51"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5442
Expires: Fri, 25 Nov 2022 06:06:19 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0c4b7bd0043f38900dcd06a39a3b753
90885dab979de3a357b4bd82a9d5320fe1196dd9
92126a391e8a783a28f9678d6a8353b792bef737b961654c410e75e2a78ada1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92126A391E8A783A28F9678D6A8353B792BEF737B961654C410E75E2A78ADA1F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5193
Expires: Fri, 25 Nov 2022 06:02:10 GMT
Date: Fri, 25 Nov 2022 04:35:37 GMT
Connection: keep-alive
s.viitjcfx.com/n/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxy7cymrgwa376ktptqxt2pjjggttmgeffw3qhnz3xsulgjrgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyvdk3kosrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdss7bgnon6svpyr76iu7qxzgyuv7dikqvdkgvwu5ii2cti4jxdncrgmcjybnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgus4lvjdqsmjmpxpc5dqwdg5b5s2g3ia2f6ilv4h6i7i4mdrq2jskzhuwynai6ofaxu3nmzi4tkjqfjpzx45xfhicmcvyvegszkjm5qq44ikaddeyshzkpafl4r3gtatcv77jbu6q64yx2durkjrtsr7iyfapoe5zh7pnpffkk6jmvp2hgkr4scgunsrjtdmgu4jzzi2qtp3gdhewswbktq5ru5ej7atmv77j6xmbxf4rg7pe24kkla7fwumqkv23r5wndrffl3nxnkgyhi7of7r2xa4gurbscbrambawiydk4bcp23eke======?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE}
31.220.27.155200 OK 74 B URL HTTP/2 s.viitjcfx.com/n/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxy7cymrgwa376ktptqxt2pjjggttmgeffw3qhnz3xsulgjrgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyvdk3kosrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdss7bgnon6svpyr76iu7qxzgyuv7dikqvdkgvwu5ii2cti4jxdncrgmcjybnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgus4lvjdqsmjmpxpc5dqwdg5b5s2g3ia2f6ilv4h6i7i4mdrq2jskzhuwynai6ofaxu3nmzi4tkjqfjpzx45xfhicmcvyvegszkjm5qq44ikaddeyshzkpafl4r3gtatcv77jbu6q64yx2durkjrtsr7iyfapoe5zh7pnpffkk6jmvp2hgkr4scgunsrjtdmgu4jzzi2qtp3gdhewswbktq5ru5ej7atmv77j6xmbxf4rg7pe24kkla7fwumqkv23r5wndrffl3nxnkgyhi7of7r2xa4gurbscbrambawiydk4bcp23eke======?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE}
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /n/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxy7cymrgwa376ktptqxt2pjjggttmgeffw3qhnz3xsulgjrgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyvdk3kosrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdss7bgnon6svpyr76iu7qxzgyuv7dikqvdkgvwu5ii2cti4jxdncrgmcjybnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgus4lvjdqsmjmpxpc5dqwdg5b5s2g3ia2f6ilv4h6i7i4mdrq2jskzhuwynai6ofaxu3nmzi4tkjqfjpzx45xfhicmcvyvegszkjm5qq44ikaddeyshzkpafl4r3gtatcv77jbu6q64yx2durkjrtsr7iyfapoe5zh7pnpffkk6jmvp2hgkr4scgunsrjtdmgu4jzzi2qtp3gdhewswbktq5ru5ej7atmv77j6xmbxf4rg7pe24kkla7fwumqkv23r5wndrffl3nxnkgyhi7of7r2xa4gurbscbrambawiydk4bcp23eke======?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE} HTTP/1.1
Host: s.viitjcfx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
s.viitjcfx.com/i/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxs6cymjfgal73mxodqxt2pjjggttmgeffw3qhn53h6v3aj5gopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkys6sl6osrmmbvmt2legyqfudnoa2bamswj5fwcueinpjdssxbgnon6suytvyoiu6osbgiuv4oikqvdf5ex45ii2fnzk3xfncrtm24sa5mna4ic3dxrfiwzkkt2vmzmc76jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgutklvjdqsjj2mwmw5dqcaaqysvpw3uq3hsnfwzve6emka5ks25w3wamuzvypjl5qo2blqbwk7d5lezuvrcrhpiwvcsx55ebz6d3kxrdwqorggnkh5dasb5z5puhjcmtdc6b5tdvfacxg25e2zxjtngjplctprjvdnplnlb4ytgdmvfoqugahliw2m7wjpjo3upeklrdzbxzs27jjto2klafbxeb6k24rknqwspfdkcqwipjg3jgd4baevzecypcqujrgf5qch3ybm5b2ab2tbggq===
31.220.27.155200 OK 74 B URL HTTP/2 s.viitjcfx.com/i/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxs6cymjfgal73mxodqxt2pjjggttmgeffw3qhn53h6v3aj5gopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkys6sl6osrmmbvmt2legyqfudnoa2bamswj5fwcueinpjdssxbgnon6suytvyoiu6osbgiuv4oikqvdf5ex45ii2fnzk3xfncrtm24sa5mna4ic3dxrfiwzkkt2vmzmc76jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgutklvjdqsjj2mwmw5dqcaaqysvpw3uq3hsnfwzve6emka5ks25w3wamuzvypjl5qo2blqbwk7d5lezuvrcrhpiwvcsx55ebz6d3kxrdwqorggnkh5dasb5z5puhjcmtdc6b5tdvfacxg25e2zxjtngjplctprjvdnplnlb4ytgdmvfoqugahliw2m7wjpjo3upeklrdzbxzs27jjto2klafbxeb6k24rknqwspfdkcqwipjg3jgd4baevzecypcqujrgf5qch3ybm5b2ab2tbggq===
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /i/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxs6cymjfgal73mxodqxt2pjjggttmgeffw3qhn53h6v3aj5gopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkys6sl6osrmmbvmt2legyqfudnoa2bamswj5fwcueinpjdssxbgnon6suytvyoiu6osbgiuv4oikqvdf5ex45ii2fnzk3xfncrtm24sa5mna4ic3dxrfiwzkkt2vmzmc76jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgutklvjdqsjj2mwmw5dqcaaqysvpw3uq3hsnfwzve6emka5ks25w3wamuzvypjl5qo2blqbwk7d5lezuvrcrhpiwvcsx55ebz6d3kxrdwqorggnkh5dasb5z5puhjcmtdc6b5tdvfacxg25e2zxjtngjplctprjvdnplnlb4ytgdmvfoqugahliw2m7wjpjo3upeklrdzbxzs27jjto2klafbxeb6k24rknqwspfdkcqwipjg3jgd4baevzecypcqujrgf5qch3ybm5b2ab2tbggq=== HTTP/1.1
Host: s.viitjcfx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
s.viitjcfx.com/n/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxu72xmbggbjsnehstqxt2pjjggttmgeffw3qhn53h4vdjibgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyw2wl6osrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdsshbgnon6svpyr76iu444vgyuv7dikqvdnvmx45ii2hcothxdncrhyk2ebnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgus4lvjdqsmjmpxpc5dqwdg5b5s2g3ia2f4xzjbc3kbc54drq2jskzhuwynai6ofaxu3nmzi4tkjqfjpzx45xfhicmc7yvegszkjm5qq44ikaddeyshzkpafl4r3gtatcv77jbu6q64yx2durkjrtsr7iyfapoe5zh7pnpffkk6jmvp2hgkr4scgunsrjtdmgu4jzzi2qtp3gdhewswbktq5ru5ej7atmv77j6xmbxf4rg7pe24kkla7fwumqkv23r5wndrffl3nxnkgyhi7of7r2xa4gurbscbrambawiydk4bcp23eke======?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE}
31.220.27.155200 OK 74 B URL HTTP/2 s.viitjcfx.com/n/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxu72xmbggbjsnehstqxt2pjjggttmgeffw3qhn53h4vdjibgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyw2wl6osrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdsshbgnon6svpyr76iu444vgyuv7dikqvdnvmx45ii2hcothxdncrhyk2ebnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgus4lvjdqsmjmpxpc5dqwdg5b5s2g3ia2f4xzjbc3kbc54drq2jskzhuwynai6ofaxu3nmzi4tkjqfjpzx45xfhicmc7yvegszkjm5qq44ikaddeyshzkpafl4r3gtatcv77jbu6q64yx2durkjrtsr7iyfapoe5zh7pnpffkk6jmvp2hgkr4scgunsrjtdmgu4jzzi2qtp3gdhewswbktq5ru5ej7atmv77j6xmbxf4rg7pe24kkla7fwumqkv23r5wndrffl3nxnkgyhi7of7r2xa4gurbscbrambawiydk4bcp23eke======?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE}
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /n/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxu72xmbggbjsnehstqxt2pjjggttmgeffw3qhn53h4vdjibgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyw2wl6osrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdsshbgnon6svpyr76iu444vgyuv7dikqvdnvmx45ii2hcothxdncrhyk2ebnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgus4lvjdqsmjmpxpc5dqwdg5b5s2g3ia2f4xzjbc3kbc54drq2jskzhuwynai6ofaxu3nmzi4tkjqfjpzx45xfhicmc7yvegszkjm5qq44ikaddeyshzkpafl4r3gtatcv77jbu6q64yx2durkjrtsr7iyfapoe5zh7pnpffkk6jmvp2hgkr4scgunsrjtdmgu4jzzi2qtp3gdhewswbktq5ru5ej7atmv77j6xmbxf4rg7pe24kkla7fwumqkv23r5wndrffl3nxnkgyhi7of7r2xa4gurbscbrambawiydk4bcp23eke======?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE} HTTP/1.1
Host: s.viitjcfx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
s.viitjcfx.com/i/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxu72xmbggbjsnehstqxt2pjjggttmgeffw3qhn53h4vdjibgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyw2wl6osrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdsshbgnon6svpyr76iu444vgyuv7dikqvdnvmx45ii2hcothxdncrhyk2ebnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgutklvjdqsmjmpxpc5dqwdg5b5s2g3ia3hsnfwzve6emka5ks25w3wamuzvypjo5qo2blqbwk7d5lezuvrcrhpiwvcsx55ebz6d3kxrdwqorggnkh5dasb5z5puhjcmtdc6b5tdvfacxg25e2zxjtngjplctprjvdnplnlb4ytgdmvfoqugahliw2m7wjpjo3upeklrdzbxzs27jjto2klafbxeb6k24rknqwspfdkcqwipjg3jgd4baevzecypcqujrgf5qch3ybm5b2ab2tbggq===
31.220.27.155200 OK 74 B URL HTTP/2 s.viitjcfx.com/i/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxu72xmbggbjsnehstqxt2pjjggttmgeffw3qhn53h4vdjibgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyw2wl6osrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdsshbgnon6svpyr76iu444vgyuv7dikqvdnvmx45ii2hcothxdncrhyk2ebnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgutklvjdqsmjmpxpc5dqwdg5b5s2g3ia3hsnfwzve6emka5ks25w3wamuzvypjo5qo2blqbwk7d5lezuvrcrhpiwvcsx55ebz6d3kxrdwqorggnkh5dasb5z5puhjcmtdc6b5tdvfacxg25e2zxjtngjplctprjvdnplnlb4ytgdmvfoqugahliw2m7wjpjo3upeklrdzbxzs27jjto2klafbxeb6k24rknqwspfdkcqwipjg3jgd4baevzecypcqujrgf5qch3ybm5b2ab2tbggq===
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /i/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxu72xmbggbjsnehstqxt2pjjggttmgeffw3qhn53h4vdjibgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyw2wl6osrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdsshbgnon6svpyr76iu444vgyuv7dikqvdnvmx45ii2hcothxdncrhyk2ebnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgutklvjdqsmjmpxpc5dqwdg5b5s2g3ia3hsnfwzve6emka5ks25w3wamuzvypjo5qo2blqbwk7d5lezuvrcrhpiwvcsx55ebz6d3kxrdwqorggnkh5dasb5z5puhjcmtdc6b5tdvfacxg25e2zxjtngjplctprjvdnplnlb4ytgdmvfoqugahliw2m7wjpjo3upeklrdzbxzs27jjto2klafbxeb6k24rknqwspfdkcqwipjg3jgd4baevzecypcqujrgf5qch3ybm5b2ab2tbggq=== HTTP/1.1
Host: s.viitjcfx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
s.viitjcfx.com/n/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxs6cymjfgal73mxodqxt2pjjggttmgeffw3qhn53h6v3aj5gopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkys6sl6osrmmbvmt2legyqfudnoa2bamswj5fwcueinpjdssxbgnon6suytvyoiu6osbgiuv4oikqvdf5ex45ii2fnzk3xfncrtm24sa5mna4ic3dxrfiwzkkt2vmzmc76jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgus4lvjdqsjj2mwmw5dqcaaqysvpw3uq2fyplcygn7ymeedrq2jskzhuwynai6ofaxu3nmzi4tkjqfjpzx45xfhicmcvyvegszkjm5qq44ikaddeyshzkpafl4r3gtatcv77jbu6q64yx2durkjrtsr7iyfapoe5zh7pnpffkk6jmvp2hgkr4scgunsrjtdmgu4jzzi2qtp3gdhewswbktq5ru5ej7atmv77j6xmbxf4rg7pe24kkla7fwumqkv23r5wndrffl3nxnkgyhi7of7r2xa4gurbscbrambawiydk4bcp23eke======?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE}
31.220.27.155200 OK 74 B URL HTTP/2 s.viitjcfx.com/n/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxs6cymjfgal73mxodqxt2pjjggttmgeffw3qhn53h6v3aj5gopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkys6sl6osrmmbvmt2legyqfudnoa2bamswj5fwcueinpjdssxbgnon6suytvyoiu6osbgiuv4oikqvdf5ex45ii2fnzk3xfncrtm24sa5mna4ic3dxrfiwzkkt2vmzmc76jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgus4lvjdqsjj2mwmw5dqcaaqysvpw3uq2fyplcygn7ymeedrq2jskzhuwynai6ofaxu3nmzi4tkjqfjpzx45xfhicmcvyvegszkjm5qq44ikaddeyshzkpafl4r3gtatcv77jbu6q64yx2durkjrtsr7iyfapoe5zh7pnpffkk6jmvp2hgkr4scgunsrjtdmgu4jzzi2qtp3gdhewswbktq5ru5ej7atmv77j6xmbxf4rg7pe24kkla7fwumqkv23r5wndrffl3nxnkgyhi7of7r2xa4gurbscbrambawiydk4bcp23eke======?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE}
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /n/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxs6cymjfgal73mxodqxt2pjjggttmgeffw3qhn53h6v3aj5gopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkys6sl6osrmmbvmt2legyqfudnoa2bamswj5fwcueinpjdssxbgnon6suytvyoiu6osbgiuv4oikqvdf5ex45ii2fnzk3xfncrtm24sa5mna4ic3dxrfiwzkkt2vmzmc76jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgus4lvjdqsjj2mwmw5dqcaaqysvpw3uq2fyplcygn7ymeedrq2jskzhuwynai6ofaxu3nmzi4tkjqfjpzx45xfhicmcvyvegszkjm5qq44ikaddeyshzkpafl4r3gtatcv77jbu6q64yx2durkjrtsr7iyfapoe5zh7pnpffkk6jmvp2hgkr4scgunsrjtdmgu4jzzi2qtp3gdhewswbktq5ru5ej7atmv77j6xmbxf4rg7pe24kkla7fwumqkv23r5wndrffl3nxnkgyhi7of7r2xa4gurbscbrambawiydk4bcp23eke======?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE} HTTP/1.1
Host: s.viitjcfx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
s.viitjcfx.com/i/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxy7cymrgwa376ktptqxt2pjjggttmgeffw3qhnz3xsulgjrgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyvdk3kosrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdss7bgnon6svpyr76iu7qxzgyuv7dikqvdkgvwu5ii2cti4jxdncrgmcjybnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgutklvjdqsmjmpxpc5dqwdg5b5s2g3ia3hsnfwzve6emka5ks25w3wamuzvypjl5qo2blqbwk7d5lezuvrcrhpiwvcsx55ebz6d3kxrdwqorggnkh5dasb5z5puhjcmtdc6b5tdvfacxg25e2zxjtngjplctprjvdnplnlb4ytgdmvfoqugahliw2m7wjpjo3upeklrdzbxzs27jjto2klafbxeb6k24rknqwspfdkcqwipjg3jgd4baevzecypcqujrgf5qch3ybm5b2ab2tbggq===
31.220.27.155200 OK 74 B URL HTTP/2 s.viitjcfx.com/i/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxy7cymrgwa376ktptqxt2pjjggttmgeffw3qhnz3xsulgjrgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyvdk3kosrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdss7bgnon6svpyr76iu7qxzgyuv7dikqvdkgvwu5ii2cti4jxdncrgmcjybnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgutklvjdqsmjmpxpc5dqwdg5b5s2g3ia3hsnfwzve6emka5ks25w3wamuzvypjl5qo2blqbwk7d5lezuvrcrhpiwvcsx55ebz6d3kxrdwqorggnkh5dasb5z5puhjcmtdc6b5tdvfacxg25e2zxjtngjplctprjvdnplnlb4ytgdmvfoqugahliw2m7wjpjo3upeklrdzbxzs27jjto2klafbxeb6k24rknqwspfdkcqwipjg3jgd4baevzecypcqujrgf5qch3ybm5b2ab2tbggq===
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /i/1/pniesyteaf5fyatppr6fa2kmmbvqs7crazxxy7cymrgwa376ktptqxt2pjjggttmgeffw3qhnz3xsulgjrgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcaiqbdseibkle5zi765w7732n6jaa2xwwo25tsb6eaxlreyepvl7cuumkyvdk3kosrmmbvmt2lqea4b2tnoa2bamswj5fwcueinpjdss7bgnon6svpyr76iu7qxzgyuv7dikqvdkgvwu5ii2cti4jxdncrgmcjybnmnc6zjotwrfiwzkkt5bv6sch6jz2ncul35rjvdglihche56n47lifpmrz7o2jr7smunqfdcsvkfvbyk53krhuwylqetn3qb7dnmyqghap2fjpn3pj4szzntnjwbfkgutklvjdqsmjmpxpc5dqwdg5b5s2g3ia3hsnfwzve6emka5ks25w3wamuzvypjl5qo2blqbwk7d5lezuvrcrhpiwvcsx55ebz6d3kxrdwqorggnkh5dasb5z5puhjcmtdc6b5tdvfacxg25e2zxjtngjplctprjvdnplnlb4ytgdmvfoqugahliw2m7wjpjo3upeklrdzbxzs27jjto2klafbxeb6k24rknqwspfdkcqwipjg3jgd4baevzecypcqujrgf5qch3ybm5b2ab2tbggq=== HTTP/1.1
Host: s.viitjcfx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:37 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/6573/i/i?a=662&e=IMI6tnJzixXIWP3jjeTh&i=0.9341854479203416
185.15.175.174307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/6573/i/i?a=662&e=IMI6tnJzixXIWP3jjeTh&i=0.9341854479203416
IP 185.15.175.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/6573/i/i?a=662&e=IMI6tnJzixXIWP3jjeTh&i=0.9341854479203416 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1669350937747&a=662&e=IMI6tnJzixXIWP3jjeTh&i=0.9341854479203416
Set-Cookie: viuserid=WCXJ8cgcbI0uj1H7HWve; Max-Age=93312000; Expires=Sun, 09 Nov 2025 04:35:37 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
static1.smi2.net/img/500x310/10603984.jpeg
185.162.95.4200 OK 94 kB URL HTTP/1.1 static1.smi2.net/img/500x310/10603984.jpeg
IP 185.162.95.4:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 500x310, components 3\012- data
Hash e28adbcb40515e22b4133dec56a7db6a
dda6bad13937e11e089cdca06ff84da0b84c1990
aef10b5d510539e73da8e45b24420aecd44e9898d8a2b5626fca3014f3bae4dd
GET /img/500x310/10603984.jpeg HTTP/1.1
Host: static1.smi2.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: image/jpeg
Content-Length: 94157
Connection: keep-alive
ETag: W/"637dd492-408f1"
Access-Control-Allow-Origin: *
static5.smi2.net/img/500x310/10607381.jpeg
185.147.80.78200 OK 70 kB URL HTTP/1.1 static5.smi2.net/img/500x310/10607381.jpeg
IP 185.147.80.78:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 441x310, components 3\012- data
Hash 1c001c238618e3585b03f3cf87bf4f6d
ba5925b82da9999844ec9caf1b42a86a79488fdc
646f27378c515dbffae840f09fedfae34ca6a18f22c68899904307d603cd549a
GET /img/500x310/10607381.jpeg HTTP/1.1
Host: static5.smi2.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: image/jpeg
Content-Length: 70183
Connection: keep-alive
ETag: W/"637f7440-61fe"
Access-Control-Allow-Origin: *
fcgi4.gnezdo.ru/cookie_matching/kadam/IMI6tnJzixXIWP3jjeTh/?redirect=1
93.95.102.105204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam/IMI6tnJzixXIWP3jjeTh/?redirect=1
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/kadam/IMI6tnJzixXIWP3jjeTh/?redirect=1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 04:35:37 GMT
set-cookie: uid=XV9maWOARhmZ0Js1hcC3Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1669350937747&a=662&e=IMI6tnJzixXIWP3jjeTh&i=0.9341854479203416
185.15.175.174200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1669350937747&a=662&e=IMI6tnJzixXIWP3jjeTh&i=0.9341854479203416
IP 185.15.175.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/6573/i/i?call_source=awg&ts=1669350937747&a=662&e=IMI6tnJzixXIWP3jjeTh&i=0.9341854479203416 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 04:35:37 GMT
access-control-allow-origin: *
etag: "637f41b2-2b"
expires: Fri, 25 Nov 2022 05:35:37 GMT
accept-ranges: bytes
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 489820
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.195200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9832, version 1.0\012- data
Hash efe937997e08e15b056a3643e2734636
d02decbf472a0928b054cc8e4b13684539a913db
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 23:13:18 GMT
expires: Sat, 18 Nov 2023 23:13:18 GMT
cache-control: public, max-age=31536000
age: 537740
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17596
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 04:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17596
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 04:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17596
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 04:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17596
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 04:35:38 GMT
Connection: keep-alive
fonts.googleapis.com/css2?family=Roboto&display=swap
142.250.74.10200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto&display=swap
IP 142.250.74.10:0
Hash 1efd6176521e264b2634cd30f6d43ca1
e42bd85b35481fd67b9babbde88725f06eea1659
03b8154b13f550222e760003a92ab583c3e9718988dd966b6bf5fc1544368cc9
GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 04:35:37 GMT
date: Fri, 25 Nov 2022 04:35:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JbjUiHcVu2ytN848RqI8Ygkd0R9YCnq_OeFdc5Y5JTymA2k9HN4lZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
age: 25237
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 84670
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 24059
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJ7Ppbn5tLf-PIzvOMM-JK3paiWilTRRs5f93VzR0dZ5XDeIGwWonw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:55 GMT
age: 23983
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static3.smi2.net/img/500x310/10599604.jpeg
88.212.218.13200 OK 56 kB URL HTTP/1.1 static3.smi2.net/img/500x310/10599604.jpeg
IP 88.212.218.13:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 500x310, components 3\012- data
Hash 6999bb6c18fab00904ed0d9fff7bc0a7
3ba9f4dc7532eb90d56e180bd35bd9299713e5d7
28445b65665f08c439b0106098868471207f41b9294cf2ac9713b0c5d8517119
GET /img/500x310/10599604.jpeg HTTP/1.1
Host: static3.smi2.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:37 GMT
Content-Type: image/jpeg
Content-Length: 56232
Connection: keep-alive
ETag: W/"637b68a4-b74d"
Access-Control-Allow-Origin: *
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:59:22 GMT
age: 23776
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 648677a7e7bab1896a190d2e5fb7243c
6217a262002244ef3f2e8034076a735cafd9888a
72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4270
x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xFwXoAMFkqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rKROwsZ-X8yDd4iVaYBaNFe6bgHaThxafIt76PBgLoOTrPMqAVQ9iQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:22:43 GMT
age: 22375
etag: "6217a262002244ef3f2e8034076a735cafd9888a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/73418029/1?wmode=7&page-url=https%3A%2F%2Fbookbest.moy.su%2Fnews%2Fljubovniki_po_nasledstvu%2F2010-02-16-67&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A587760133395%3Ahid%3A251980962%3Az%3A0%3Ai%3A20221125043537%3Aet%3A1669350937%3Ac%3A1%3Arn%3A696944780%3Arqn%3A1%3Au%3A1669350937160178109%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C126%2C131%2C29%2C309%2C0%2C%2C502%2C6%2C%2C%2C%2C1240%3Ans%3A1669350934738%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669350937%3At%3A%D0%9B%D1%8E%D0%B1%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BF%D0%BE%20%D0%BD%D0%B0%D1%81%D0%BB%D0%B5%D0%B4%D1%81%D1%82%D0%B2%D1%83%20-%2016%20%D0%A4%D0%B5%D0%B2%D1%80%D0%B0%D0%BB%D1%8F%202010%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B0%D1%8F%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
87.250.251.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/73418029/1?wmode=7&page-url=https%3A%2F%2Fbookbest.moy.su%2Fnews%2Fljubovniki_po_nasledstvu%2F2010-02-16-67&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A587760133395%3Ahid%3A251980962%3Az%3A0%3Ai%3A20221125043537%3Aet%3A1669350937%3Ac%3A1%3Arn%3A696944780%3Arqn%3A1%3Au%3A1669350937160178109%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C126%2C131%2C29%2C309%2C0%2C%2C502%2C6%2C%2C%2C%2C1240%3Ans%3A1669350934738%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669350937%3At%3A%D0%9B%D1%8E%D0%B1%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BF%D0%BE%20%D0%BD%D0%B0%D1%81%D0%BB%D0%B5%D0%B4%D1%81%D1%82%D0%B2%D1%83%20-%2016%20%D0%A4%D0%B5%D0%B2%D1%80%D0%B0%D0%BB%D1%8F%202010%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B0%D1%8F%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 74bf2f193ad8b79feb91dfb7e1debfa0
abb5d0b1350ad80ec67efc90e4c18248c1d76d5c
a7f0ee19ded24c1b34aa670e8496acab6787b624492779d58f21254d12533764
GET /watch/73418029/1?wmode=7&page-url=https%3A%2F%2Fbookbest.moy.su%2Fnews%2Fljubovniki_po_nasledstvu%2F2010-02-16-67&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A587760133395%3Ahid%3A251980962%3Az%3A0%3Ai%3A20221125043537%3Aet%3A1669350937%3Ac%3A1%3Arn%3A696944780%3Arqn%3A1%3Au%3A1669350937160178109%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C126%2C131%2C29%2C309%2C0%2C%2C502%2C6%2C%2C%2C%2C1240%3Ans%3A1669350934738%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669350937%3At%3A%D0%9B%D1%8E%D0%B1%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BF%D0%BE%20%D0%BD%D0%B0%D1%81%D0%BB%D0%B5%D0%B4%D1%81%D1%82%D0%B2%D1%83%20-%2016%20%D0%A4%D0%B5%D0%B2%D1%80%D0%B0%D0%BB%D1%8F%202010%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B0%D1%8F%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bookbest.moy.su
Referer: https://bookbest.moy.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Fri, 25 Nov 2022 04:35:38 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://bookbest.moy.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 04:35:38 GMT
last-modified: Fri, 25-Nov-2022 04:35:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 66a809304670591e28394bcf6a42cc56
7a13b9948a8f5cc4c1fd048e4e5f2b8f397b5457
04ea73306171d585ec2d5b9f786af867320e73f692cbb93ff0d318bba2a7d857
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04EA73306171D585EC2D5B9F786AF867320E73F692CBB93FF0D318BBA2A7D857"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3289
Expires: Fri, 25 Nov 2022 05:30:28 GMT
Date: Fri, 25 Nov 2022 04:35:39 GMT
Connection: keep-alive
counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;1669350938647
88.212.201.204200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;1669350938647
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67;1669350938647 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:35:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Wed, 24 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
absoluteroute.com/bens/vinos.js?23433&u=null&a=0.1495713696316351
193.200.64.20200 OK 140 kB URL HTTP/1.1 absoluteroute.com/bens/vinos.js?23433&u=null&a=0.1495713696316351
IP 193.200.64.20:0
ASN #6681 Rozetka Sp. z o.o.
File type ASCII text, with very long lines (727)
Size 140 kB (140149 bytes)
Hash 92b4bf63d28c4c8d2e93300259a47096
d685aa92777410351f6c311717d987f4429c5451
d39435ea257dce073065f73aa427b93e0e861b9e1c451cf2bc23a5ebd62576b0
GET /bens/vinos.js?23433&u=null&a=0.1495713696316351 HTTP/1.1
Host: absoluteroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:39 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=16693506931532635802; expires=Sun, 24-Nov-2024 04:35:39 GMT; Max-Age=63072000; path=/; samesite=None; domain=.absoluteroute.com; secure
mc.yandex.ru/watch/73418029?wmode=7&page-url=https%3A%2F%2Fbookbest.moy.su%2Fnews%2Fljubovniki_po_nasledstvu%2F2010-02-16-67&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A587760133395%3Ahid%3A251980962%3Az%3A0%3Ai%3A20221125043537%3Aet%3A1669350937%3Ac%3A1%3Arn%3A696944780%3Arqn%3A1%3Au%3A1669350937160178109%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C126%2C131%2C29%2C309%2C0%2C%2C502%2C6%2C%2C%2C%2C1240%3Ans%3A1669350934738%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669350937%3At%3A%D0%9B%D1%8E%D0%B1%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BF%D0%BE%20%D0%BD%D0%B0%D1%81%D0%BB%D0%B5%D0%B4%D1%81%D1%82%D0%B2%D1%83%20-%2016%20%D0%A4%D0%B5%D0%B2%D1%80%D0%B0%D0%BB%D1%8F%202010%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B0%D1%8F%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/73418029?wmode=7&page-url=https%3A%2F%2Fbookbest.moy.su%2Fnews%2Fljubovniki_po_nasledstvu%2F2010-02-16-67&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A587760133395%3Ahid%3A251980962%3Az%3A0%3Ai%3A20221125043537%3Aet%3A1669350937%3Ac%3A1%3Arn%3A696944780%3Arqn%3A1%3Au%3A1669350937160178109%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C126%2C131%2C29%2C309%2C0%2C%2C502%2C6%2C%2C%2C%2C1240%3Ans%3A1669350934738%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669350937%3At%3A%D0%9B%D1%8E%D0%B1%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BF%D0%BE%20%D0%BD%D0%B0%D1%81%D0%BB%D0%B5%D0%B4%D1%81%D1%82%D0%B2%D1%83%20-%2016%20%D0%A4%D0%B5%D0%B2%D1%80%D0%B0%D0%BB%D1%8F%202010%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B0%D1%8F%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
GET /watch/73418029?wmode=7&page-url=https%3A%2F%2Fbookbest.moy.su%2Fnews%2Fljubovniki_po_nasledstvu%2F2010-02-16-67&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A587760133395%3Ahid%3A251980962%3Az%3A0%3Ai%3A20221125043537%3Aet%3A1669350937%3Ac%3A1%3Arn%3A696944780%3Arqn%3A1%3Au%3A1669350937160178109%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C126%2C131%2C29%2C309%2C0%2C%2C502%2C6%2C%2C%2C%2C1240%3Ans%3A1669350934738%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669350937%3At%3A%D0%9B%D1%8E%D0%B1%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BF%D0%BE%20%D0%BD%D0%B0%D1%81%D0%BB%D0%B5%D0%B4%D1%81%D1%82%D0%B2%D1%83%20-%2016%20%D0%A4%D0%B5%D0%B2%D1%80%D0%B0%D0%BB%D1%8F%202010%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B0%D1%8F%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bookbest.moy.su
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/73418029/1?wmode=7&page-url=https%3A%2F%2Fbookbest.moy.su%2Fnews%2Fljubovniki_po_nasledstvu%2F2010-02-16-67&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A587760133395%3Ahid%3A251980962%3Az%3A0%3Ai%3A20221125043537%3Aet%3A1669350937%3Ac%3A1%3Arn%3A696944780%3Arqn%3A1%3Au%3A1669350937160178109%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C126%2C131%2C29%2C309%2C0%2C%2C502%2C6%2C%2C%2C%2C1240%3Ans%3A1669350934738%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669350937%3At%3A%D0%9B%D1%8E%D0%B1%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%BF%D0%BE%20%D0%BD%D0%B0%D1%81%D0%BB%D0%B5%D0%B4%D1%81%D1%82%D0%B2%D1%83%20-%2016%20%D0%A4%D0%B5%D0%B2%D1%80%D0%B0%D0%BB%D1%8F%202010%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B0%D1%8F%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 25 Nov 2022 04:35:37 GMT
access-control-allow-origin: https://bookbest.moy.su
set-cookie: yandexuid=8277775501669350937; Expires=Sat, 25-Nov-2023 04:35:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8277775501669350937; Expires=Sat, 25-Nov-2023 04:35:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1585701171669350937; Path=/; SameSite=None; Secure
i=tC7qNPS3QEwV74YaGpn9pG79FWPc3w+o4PxvGe0nD3jXXjmcIkbujeIpYtQVDVVuMXmouTQ4zEZYTkwGzw3o3A7gqlU=; Expires=Mon, 22-Nov-2032 04:35:37 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1700886937.yc.1669350937#1700886937.yrts.1669350937#1700886937.yrtsi.1669350937; Expires=Sat, 25-Nov-2023 04:35:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 04:35:37 GMT
last-modified: Fri, 25-Nov-2022 04:35:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ne-gnevi-boga.at.ua/
195.216.243.237200 OK 0 B IP 195.216.243.237:0
GET / HTTP/1.1
Host: ne-gnevi-boga.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 2ne-gnevi-bogauCoz=; path=/; expires=Wed, 25-Nov-2020 04:35:36 GMT; HttpOnly; domain=.ne-gnevi-boga.at.ua
2ne-gnevi-bogauCoz=; path=/; expires=Wed, 25-Nov-2020 04:35:36 GMT; HttpOnly; domain=.ne-gnevi-boga.at.ua
2ne-gnevi-bogauzll=1669350936; path=/; expires=Sat, 25-Nov-2023 04:35:36 GMT; domain=.ne-gnevi-boga.at.ua
ucvid=zk8RN3rewQ; path=/; expires=Sat, 25-Nov-2023 04:35:36 GMT
2ne-gnevi-bogapushi=1; path=/; expires=Sat, 26-Nov-2022 03:35:36 GMT
Pragma: no-cache
Vary: host
Last-Modified: Thu, 16 Feb 2012 15:12:53 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
bookbest.moy.su/.s/flash/tagcloud.swf?tcolor=0xFFFFFF&hicolor=0xFFFFFF
195.216.243.180200 OK 0 B URL HTTP/1.1 bookbest.moy.su/.s/flash/tagcloud.swf?tcolor=0xFFFFFF&hicolor=0xFFFFFF
IP 195.216.243.180:0
GET /.s/flash/tagcloud.swf?tcolor=0xFFFFFF&hicolor=0xFFFFFF HTTP/1.1
Host: bookbest.moy.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/news/ljubovniki_po_nasledstvu/2010-02-16-67
Cookie: 7bookbestnw=QwAaRoBj; 7bookbestuzll=1669350938; ucvid=w1I2q0Mzel; 7bookbestpushi=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:35:38 GMT
Content-Type: application/x-shockwave-flash
Content-Length: 52305
Last-Modified: Thu, 28 Jan 2016 13:33:18 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56aa189e-cc51"
Expires: Thu, 15 Dec 2022 04:35:38 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
hdbcode.com/kkqahhd3.js
185.98.54.153200 OK 0 B IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
GET /kkqahhd3.js HTTP/1.1
Host: hdbcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:36 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 07:54:04 GMT
vary: Accept-Encoding
etag: W/"637dd19c-565e"
content-encoding: gzip
X-Firefox-Spdy: h2
hdbcode.com/b3aad1kk.js
185.98.54.153200 OK 0 B IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
GET /b3aad1kk.js HTTP/1.1
Host: hdbcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bookbest.moy.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:35:36 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 07:54:04 GMT
vary: Accept-Encoding
etag: W/"637dd19c-565e"
content-encoding: gzip
X-Firefox-Spdy: h2