teploholl.ru/qR/minima
185.25.51.74301 Moved Permanently 316 B IP 185.25.51.74:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d839fd143b9d6cf47bc34ed11940472a
fb6515797126d6c8836541c3cd0825d89ca634d5
83fc7aeeb09a7287ace83b9d08bc591fe7a449c6f912345650e9194a9ec8bfd4
Analyzer Verdict Alert fortinet Phishing
GET /qR/minima HTTP/1.1
Host: teploholl.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 07:29:38 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://teploholl.ru/qR/minima
Content-Length: 316
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8188
Expires: Sat, 04 Feb 2023 09:46:06 GMT
Date: Sat, 04 Feb 2023 07:29:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6017
Expires: Sat, 04 Feb 2023 09:09:55 GMT
Date: Sat, 04 Feb 2023 07:29:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 06:43:36 GMT
content-type: application/json
age: 2762
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7845
Expires: Sat, 04 Feb 2023 09:40:23 GMT
Date: Sat, 04 Feb 2023 07:29:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nnUZLa38D175ozH3EuTALLMNzbT9k9fVA4FTco0WI02hdYCytZbDIWrnyKoa3ovZVei/r9ezWAU=
x-amz-request-id: 0D8S7RHKW8J7F6YY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 06:52:44 GMT
age: 2214
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 07:29:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a9473ac9b97ce1ce66644dd9021aa35
80584dc292e28a20b92207d42401039a15cdd0e0
fd328a8b3a55fe55b834de20ef84922b66e097d83d6188c97a5e98759b7132b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD328A8B3A55FE55B834DE20EF84922B66E097D83D6188C97A5E98759B7132B4"
Last-Modified: Thu, 02 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21510
Expires: Sat, 04 Feb 2023 13:28:08 GMT
Date: Sat, 04 Feb 2023 07:29:38 GMT
Connection: keep-alive
teploholl.ru/qR/minima
185.25.51.74308 Permanent Redirect 1.9 kB IP 185.25.51.74:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f4e0133eaa69b92ee20f65238f374b71
2596a7f9de3f137fbf63951101437e12db6e4970
334c852eb591c19a74a77e8d7620b15e14d4fcf99c8de02788d46d28d500c3b5
Analyzer Verdict Alert fortinet Phishing
GET /qR/minima HTTP/1.1
Host: teploholl.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 308 Permanent Redirect
Date: Sat, 04 Feb 2023 07:29:38 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://avtonovocti.ru/game-vote/430790
Content-Length: 1935
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 06:49:07 GMT
age: 2432
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d23ff988680bd5740412db6e3f3d4791
41a8f8d8365a7f7e1a31ff37e523cef9e48c66c9
2cfa0317b6dec72554552d89ca4326640b18c49ea52fb774fc826338519eace0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CFA0317B6DEC72554552D89CA4326640B18C49EA52FB774FC826338519EACE0"
Last-Modified: Fri, 03 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20418
Expires: Sat, 04 Feb 2023 13:09:57 GMT
Date: Sat, 04 Feb 2023 07:29:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6773
Expires: Sat, 04 Feb 2023 09:22:32 GMT
Date: Sat, 04 Feb 2023 07:29:39 GMT
Connection: keep-alive
avtonovocti.ru/game-vote/430790
88.119.169.114200 OK 3.7 kB URL HTTP/1.1 avtonovocti.ru/game-vote/430790
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (923)
Hash 59619fb70416e7c6de6fd8cb1eeee86c
1942eb3335f8f9e0b3a7b5b57967312f142b2e5d
9708fb9044318c5b5944ce545c5b54dce093b60fbc5d61256334684eea84a67f
Analyzer Verdict Alert fortinet Phishing
GET /game-vote/430790 HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; expires=Sat, 04-Feb-2023 09:29:39 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D; expires=Sat, 04-Feb-2023 09:29:39 GMT; Max-Age=7200; path=/; httponly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3736
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
avtonovocti.ru/layouts/game-vote/css/css.css
88.119.169.114200 OK 494 B URL HTTP/1.1 avtonovocti.ru/layouts/game-vote/css/css.css
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
Hash 12141710631ca8ca8e64d6a397a4e90d
3a22235f4160691b5a60c7d852eaa98f33cdf697
f76ef0578afe710583ddf4d9f571366cb5d9cbb673a95b01df64103b27134ce1
GET /layouts/game-vote/css/css.css HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/game-vote/430790
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 11 Nov 2022 20:19:14 GMT
ETag: "ec8-5ed379a84eb34-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 494
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
avtonovocti.ru/vk-login/vk-modal.css
88.119.169.114200 OK 1.1 kB URL HTTP/1.1 avtonovocti.ru/vk-login/vk-modal.css
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
Hash 9d1554ec1a181b74cda46418981252d5
db9274530bb4ab6e6bb2b7c57b3bf700a253665e
4d640e46bdc5579cd04ec396972934c24e9dd75c7ff686d853f76cb01a326eaa
GET /vk-login/vk-modal.css HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/game-vote/430790
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 11 Nov 2022 20:19:15 GMT
ETag: "d7d-5ed379a8da590-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1136
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
avtonovocti.ru/layouts/game-vote/js/jquery.js
88.119.169.114200 OK 33 kB URL HTTP/1.1 avtonovocti.ru/layouts/game-vote/js/jquery.js
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type ASCII text, with very long lines (32038)
Hash 46ed104a51da58b1f8bff2ecab0e898b
3f6098bfd567710a5a5897879b680743d32205ae
7a0cdbe39e6a65c613bdea979908ad28c97eb01c91d576f254fe46ec401c8fd1
Analyzer Verdict Alert fortinet Phishing
GET /layouts/game-vote/js/jquery.js HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/game-vote/430790
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 11 Nov 2022 20:19:14 GMT
ETag: "176d5-5ed379a850a73-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33279
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
avtonovocti.ru/layouts/game-vote/css/laapp.min.css
88.119.169.114200 OK 110 kB URL HTTP/1.1 avtonovocti.ru/layouts/game-vote/css/laapp.min.css
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type ASCII text, with very long lines (65536), with no line terminators
Size 110 kB (109819 bytes)
Hash 05f1b2dad64f141613d0905390de1da8
2aaa0f269fa91f55f7803c3ed6a192bc66c1dbc8
afb8f6e44d8108c0a6d57747cf161fba1845bd9cdff664815f5f33b38f5551fe
GET /layouts/game-vote/css/laapp.min.css HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/game-vote/430790
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 11 Nov 2022 20:19:14 GMT
ETag: "b09d4-5ed379a84fad3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
push.services.mozilla.com/
54.70.68.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.68.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: izq0aMv8VNcfODIT0bXF6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tJrtazCXxTgH/LjmQO0NySXm8sA=
avtonovocti.ru/layouts/game-vote/img/3.png
88.119.169.114200 OK 319 kB URL HTTP/1.1 avtonovocti.ru/layouts/game-vote/img/3.png
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type PNG image data, 340 x 603, 8-bit/color RGBA, non-interlaced\012- data
Size 319 kB (318850 bytes)
Hash 96a627ccff4cba91544d7a6964dfb940
6983b468063ade20671679fdabefa4d34a5ecbfb
40057a3f6c7215bb8fb6f9cbbf8e9c647eebba3c8c108ad3a5557985f04d3a52
GET /layouts/game-vote/img/3.png HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/game-vote/430790
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 11 Nov 2022 20:19:14 GMT
ETag: "4dd82-5ed379a850a73"
Accept-Ranges: bytes
Content-Length: 318850
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
avtonovocti.ru/layouts/game-vote/fonts/Pe-icon-7-stroke.woff
88.119.169.114200 OK 59 kB URL HTTP/1.1 avtonovocti.ru/layouts/game-vote/fonts/Pe-icon-7-stroke.woff
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type Web Open Font Format, TrueType, length 58556, version 1.0\012- data
Hash b38ef310874bdd008ac14ef3db939032
7e544bb11b7655998db6f324c612f7ffbf0ab66e
6fb4217048f333e23e0fd0ba2ab05e05fd7500f86a5a80a7cf04a2f94b257bec
Analyzer Verdict Alert fortinet Phishing
GET /layouts/game-vote/fonts/Pe-icon-7-stroke.woff HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://avtonovocti.ru/layouts/game-vote/css/laapp.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 11 Nov 2022 20:19:14 GMT
ETag: "e4bc-5ed379a850a73"
Accept-Ranges: bytes
Content-Length: 58556
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff
avtonovocti.ru/layouts/game-vote/img/6.png
88.119.169.114200 OK 319 kB URL HTTP/1.1 avtonovocti.ru/layouts/game-vote/img/6.png
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type PNG image data, 340 x 603, 8-bit/color RGBA, non-interlaced\012- data
Size 319 kB (318850 bytes)
Hash 96a627ccff4cba91544d7a6964dfb940
6983b468063ade20671679fdabefa4d34a5ecbfb
40057a3f6c7215bb8fb6f9cbbf8e9c647eebba3c8c108ad3a5557985f04d3a52
GET /layouts/game-vote/img/6.png HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/game-vote/430790
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 11 Nov 2022 20:19:14 GMT
ETag: "4dd82-5ed379a850a73"
Accept-Ranges: bytes
Content-Length: 318850
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:29:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:29:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:29:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22992, version 1.0\012- data
Hash 1efbd38aa76ddae2580fedf378276333
8a49976f2470ba2a1db6144245355d3b889312e4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
GET /s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://avtonovocti.ru
Connection: keep-alive
Referer: https://avtonovocti.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22992
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 21:48:50 GMT
expires: Thu, 01 Feb 2024 21:48:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jul 2019 03:45:49 GMT
content-type: font/woff2
age: 207649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.woff2
88.119.169.114404 Not Found 1.6 kB URL HTTP/1.0 avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.woff2
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 47172e62787300b279ae2e1d21763c81
8bc8206ab37105da07312f4d39d8e57cc9763e00
258682bcb3d7d927aaf47bfe1c01788db1f0cda4bf2240001e5e7408a6f559ae
Analyzer Verdict Alert fortinet Phishing
GET /layouts/game-vote/fonts/fa-solid-900.woff2 HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://avtonovocti.ru/layouts/game-vote/css/laapp.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.0 404 Not Found
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Content-Length: 1552
Connection: close
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23248, version 1.0\012- data
Hash 98d8cf792834c0bef59c2be99dc3533d
f48e6d698147781b82f573a71f904355274015cd
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
GET /s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://avtonovocti.ru
Connection: keep-alive
Referer: https://avtonovocti.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:45:51 GMT
expires: Fri, 02 Feb 2024 18:45:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jul 2019 03:45:42 GMT
content-type: font/woff2
age: 132228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23484, version 1.0\012- data
Hash b4d2c4c39853ee244272c04999b230ba
c82e22dde9716c40ba20e6c7ed03a1b66556de15
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
GET /s/lato/v16/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://avtonovocti.ru
Connection: keep-alive
Referer: https://avtonovocti.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 01:03:28 GMT
expires: Sun, 04 Feb 2024 01:03:28 GMT
cache-control: public, max-age=31536000
age: 23171
last-modified: Tue, 23 Jul 2019 03:45:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:29:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.woff
88.119.169.114404 Not Found 1.6 kB URL HTTP/1.0 avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.woff
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 47172e62787300b279ae2e1d21763c81
8bc8206ab37105da07312f4d39d8e57cc9763e00
258682bcb3d7d927aaf47bfe1c01788db1f0cda4bf2240001e5e7408a6f559ae
Analyzer Verdict Alert fortinet Phishing
GET /layouts/game-vote/fonts/fa-solid-900.woff HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://avtonovocti.ru/layouts/game-vote/css/laapp.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.0 404 Not Found
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Content-Length: 1552
Connection: close
Content-Type: text/html; charset=UTF-8
avtonovocti.ru/layouts/game-vote/img/6/favicon.png
88.119.169.114404 Not Found 277 B URL HTTP/1.1 avtonovocti.ru/layouts/game-vote/img/6/favicon.png
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 932f261ce091a52bb8e1537a5c95a2e3
7a1c8a1f7bac5513700d6236eb729440606a5289
8ffd1e940d816da8efb9acdd43f257fb18ed7ee8ea4367b7306e94dd66c0a78c
GET /layouts/game-vote/img/6/favicon.png HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/game-vote/430790
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 277
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.ttf
88.119.169.114404 Not Found 1.6 kB URL HTTP/1.0 avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.ttf
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 47172e62787300b279ae2e1d21763c81
8bc8206ab37105da07312f4d39d8e57cc9763e00
258682bcb3d7d927aaf47bfe1c01788db1f0cda4bf2240001e5e7408a6f559ae
Analyzer Verdict Alert fortinet Phishing
GET /layouts/game-vote/fonts/fa-solid-900.ttf HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/layouts/game-vote/css/laapp.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.0 404 Not Found
Date: Sat, 04 Feb 2023 07:29:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Content-Length: 1552
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash aa4e91f46bac1d35afbfa7e8e8439a8f
cf330b721b42f114b932d5da6df277a04ed35c74
d0dd459e7de0af1849ca43c0c601fbfdd58b457874e2449b75deb34e4a50795b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:29:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 05:11:44 GMT
ETag: "cf330b721b42f114b932d5da6df277a04ed35c74"
Last-Modified: Sat, 04 Feb 2023 05:11:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1058
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941b250ce5fb4f7-OSL
sun9-22.userapi.com/s/v1/ig2/ZkCl2PzgZxDmFiYHJYntOvOSWyUdu-I1Lo3dNKd7d5mN3Ff_JG2IuYdSR7KEcr3yoyYhbCooyFpBNrgTY-MjFbM2.jpg?size=384x384&quality=95&crop=199,36,384,384&ava=1
93.186.227.133200 OK 63 kB URL HTTP/2 sun9-22.userapi.com/s/v1/ig2/ZkCl2PzgZxDmFiYHJYntOvOSWyUdu-I1Lo3dNKd7d5mN3Ff_JG2IuYdSR7KEcr3yoyYhbCooyFpBNrgTY-MjFbM2.jpg?size=384x384&quality=95&crop=199,36,384,384&ava=1
IP 93.186.227.133:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 384x384, components 3\012- data
Hash b85365642982f9c4f7b49e0f09e69ee0
d3af15fbfb202582707675492c9f92086cb5a55a
e944bb6b0d7ec84e08e14f3af966b6be66eba1501f3bee706904994247d65ebd
GET /s/v1/ig2/ZkCl2PzgZxDmFiYHJYntOvOSWyUdu-I1Lo3dNKd7d5mN3Ff_JG2IuYdSR7KEcr3yoyYhbCooyFpBNrgTY-MjFbM2.jpg?size=384x384&quality=95&crop=199,36,384,384&ava=1 HTTP/1.1
Host: sun9-22.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Sat, 04 Feb 2023 07:29:39 GMT
content-type: image/jpeg
content-length: 63417
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
x-imp: 825002
expires: Mon, 06 Mar 2023 07:29:39 GMT
cache-control: max-age=2592000
x-frontend: front504112
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.woff2
88.119.169.114404 Not Found 1.6 kB URL HTTP/1.0 avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.woff2
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 47172e62787300b279ae2e1d21763c81
8bc8206ab37105da07312f4d39d8e57cc9763e00
258682bcb3d7d927aaf47bfe1c01788db1f0cda4bf2240001e5e7408a6f559ae
Analyzer Verdict Alert fortinet Phishing
GET /layouts/game-vote/fonts/fa-solid-900.woff2 HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://avtonovocti.ru/layouts/game-vote/css/laapp.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.0 404 Not Found
Date: Sat, 04 Feb 2023 07:29:40 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Content-Length: 1552
Connection: close
Content-Type: text/html; charset=UTF-8
avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.woff
88.119.169.114404 Not Found 1.6 kB URL HTTP/1.0 avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.woff
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 47172e62787300b279ae2e1d21763c81
8bc8206ab37105da07312f4d39d8e57cc9763e00
258682bcb3d7d927aaf47bfe1c01788db1f0cda4bf2240001e5e7408a6f559ae
Analyzer Verdict Alert fortinet Phishing
GET /layouts/game-vote/fonts/fa-solid-900.woff HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://avtonovocti.ru/layouts/game-vote/css/laapp.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.0 404 Not Found
Date: Sat, 04 Feb 2023 07:29:40 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Content-Length: 1552
Connection: close
Content-Type: text/html; charset=UTF-8
avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.ttf
88.119.169.114404 Not Found 1.6 kB URL HTTP/1.0 avtonovocti.ru/layouts/game-vote/fonts/fa-solid-900.ttf
IP 88.119.169.114:0
ASN #61272 Informacines sistemos ir technologijos, UAB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 47172e62787300b279ae2e1d21763c81
8bc8206ab37105da07312f4d39d8e57cc9763e00
258682bcb3d7d927aaf47bfe1c01788db1f0cda4bf2240001e5e7408a6f559ae
Analyzer Verdict Alert fortinet Phishing
GET /layouts/game-vote/fonts/fa-solid-900.ttf HTTP/1.1
Host: avtonovocti.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/layouts/game-vote/css/laapp.min.css
Cookie: XSRF-TOKEN=eyJpdiI6InlWRTZ3Q05NSDFDVEZYZ1BaQVNrK0E9PSIsInZhbHVlIjoidlJ2UlVOZW5oVlF0U0U4ZE9XXC9FeUFSNVpwR0JyQld2RzZYaUl1ZlhuXC9CekdDM2kxTEdab3A1WTRSSDBZSHpnIiwibWFjIjoiZDRlMTVlNWE3NWQ5ZGZmMmQ0YjdmZGVkMjgxOGFmOTViY2MyYjgyMTMxNWI1NTU2NzZiMTQyYTUyY2Y5MDgwMiJ9; laravel_session=eyJpdiI6IlFpU2U2TnpYaXkwUXllcDdvVVQ0Unc9PSIsInZhbHVlIjoiZ1JZMXR3cVJsMlNtMXI1Z0JZM2NTUDYrblBRb3FRa1RPaGdRSDVaQ290bzh0d0c1NDM4UjNaalBrUjlCbitpUiIsIm1hYyI6ImFhODZlYjY0ZmMzMzZlODM3YmFhOGNjNjhjNDI4Mjk2ODM3YTU5N2JlODMyNjUzM2EzMjNjYjQyYTViNTQ4NDEifQ%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.0 404 Not Found
Date: Sat, 04 Feb 2023 07:29:40 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Content-Length: 1552
Connection: close
Content-Type: text/html; charset=UTF-8
sun9-54.userapi.com/z246O11fVxcL5fbKmDjHTQAgH8ok7-fej5w7kw/GCEXL17glEU.jpg
87.240.185.157200 OK 72 kB URL HTTP/2 sun9-54.userapi.com/z246O11fVxcL5fbKmDjHTQAgH8ok7-fej5w7kw/GCEXL17glEU.jpg
IP 87.240.185.157:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x600, components 3\012- data
Hash 1daab7219a15a92c3bbd174fdaf1dced
f81879bae4b6f9914807ffec63e617bb17d3d8f1
2f0bf864f5ee625f8a982b520b9a612924fc0761ce543adb2ed77133716e0a4b
GET /z246O11fVxcL5fbKmDjHTQAgH8ok7-fej5w7kw/GCEXL17glEU.jpg HTTP/1.1
Host: sun9-54.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avtonovocti.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sat, 04 Feb 2023 07:29:40 GMT
content-type: image/jpeg
content-length: 72187
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
request-id: 41863a6a-64cc-4fbd-9748-df6e51837ff2
expires: Mon, 06 Mar 2023 07:29:40 GMT
cache-control: max-age=2592000
x-frontend: front221005
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7441
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:29:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7441
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:29:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7441
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:29:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7441
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:29:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F043bf414-ba77-4973-9779-d0c124ae0baf.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F043bf414-ba77-4973-9779-d0c124ae0baf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28099f5ad8a27e5a49a0d1c842486329
d47caba75b363a4c008e5a9a9d0b8e39d9fa4abd
1d798d35ceae594d86fa43aa0ef47b962c52bb1557e17dda9b294bd01f374b3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F043bf414-ba77-4973-9779-d0c124ae0baf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8352
x-amzn-requestid: 80032cef-14cd-4f56-9830-8c74891ed00f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEqQFDJIAMFspQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8174-6d3310287fc74bb27e9b038a;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: byr2TaC2xnnUl56r2iGKZI0o8Ctsv0iy42h_F7-ezKpEijaH9rr5EQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:12:53 GMT
etag: "d47caba75b363a4c008e5a9a9d0b8e39d9fa4abd"
content-type: image/jpeg
age: 33407
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:56:07 GMT
age: 34413
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 33836
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ThTL_OlFd4yMELCmSzH4ziqxa8gdYgAAbxLY9VZPVaIldOUkvFVF_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:12:43 GMT
age: 33417
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 4176
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 34154
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sun9-54.userapi.com/c852236/v852236285/12c2b0/F7ry_A0SwQc.jpg?ava=1
87.240.185.157301 Moved Permanently 0 B URL HTTP/2 sun9-54.userapi.com/c852236/v852236285/12c2b0/F7ry_A0SwQc.jpg?ava=1
IP 87.240.185.157:0
GET /c852236/v852236285/12c2b0/F7ry_A0SwQc.jpg?ava=1 HTTP/1.1
Host: sun9-54.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avtonovocti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: kittenx
date: Sat, 04 Feb 2023 07:29:40 GMT
content-type: image/jpeg
location: /z246O11fVxcL5fbKmDjHTQAgH8ok7-fej5w7kw/GCEXL17glEU.jpg
expires: Mon, 06 Mar 2023 07:29:40 GMT
cache-control: max-age=2592000
x-frontend: front221005
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
X-Firefox-Spdy: h2