www.blog.help.avalon.ltd/
190.115.31.101 301 Moved Permanently 568 B URL HTTP/1.1 www.blog.help.avalon.ltd/
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Sun, 22 Jan 2023 08:39:14 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://www.blog.help.avalon.ltd/
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9377
Expires: Sun, 22 Jan 2023 11:15:32 GMT
Date: Sun, 22 Jan 2023 08:39:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5164
Expires: Sun, 22 Jan 2023 10:05:19 GMT
Date: Sun, 22 Jan 2023 08:39:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Sun, 22 Jan 2023 10:01:53 GMT
Date: Sun, 22 Jan 2023 08:39:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 07:42:30 GMT
content-type: application/json
age: 3405
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Y6yskyqbBgHc5h+Iso5J20I1q3ReB334GBI0rNW8KXtPkM1zJKR/T2wP0HQQLT7l+JriIl4GCxI=
x-amz-request-id: A2FZSM0CDAWBTBZY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 07:47:12 GMT
age: 3123
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:39:15 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 05dbdb02466cfcfdd0f98304f467045d
849e88da34d2419e09daf99130c2f4bb38a33120
6121022b631c8567b393ff88b347f645378e1f2740647b346699f9c27b2cb738
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6121022B631C8567B393FF88B347F645378E1F2740647B346699F9C27B2CB738"
Last-Modified: Sun, 22 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 22 Jan 2023 14:39:15 GMT
Date: Sun, 22 Jan 2023 08:39:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 08:17:30 GMT
age: 1305
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 864
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:39:15 GMT
Last-Modified: Sun, 22 Jan 2023 08:24:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.blog.help.avalon.ltd/css/reset.css?ver=7.0.5
190.115.31.101 200 OK 522 B URL HTTP/2 www.blog.help.avalon.ltd/css/reset.css?ver=7.0.5
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 1cd35a609dba0c96f740f47f3db386f7
9feba7f137367d42940fc6401cc3d7982017688a
605b8c96571c91f701d05cee98abbdfb7b9998828193e5c6af5f29914d61dd38
GET /css/reset.css?ver=7.0.5 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"43d-5bfc498e3e518"
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 92132
content-length: 522
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/css/hyper.css
190.115.31.101 200 OK 9.8 kB URL HTTP/2 www.blog.help.avalon.ltd/css/hyper.css
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b2365a55c5320b2c5c2256c5f4e7a0d
983c14dbc84f07d4dbd14261c72ed374e61c3616
c456942e14a9afdc0ca3d87de44dea8da0e48d8193e1b64398fe3fce5b89614a
GET /css/hyper.css HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Wed, 09 Mar 2022 13:11:11 GMT
etag: W/"126aa-5d9c8d4d7e5ed"
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 92132
content-length: 9790
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1e65345e0c717dd59ee1e3e0e0be7b08
b6c246d83c585585a88d8581eff8c833c8b666e5
2e559df3c39e3edffab89b18a3036fa44837beb43b5ba51f8c722eef58ee1d08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4013
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:39:15 GMT
Last-Modified: Sun, 22 Jan 2023 07:32:22 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.blog.help.avalon.ltd/css/animate.css?ver=7.0.5
190.115.31.101 200 OK 4.2 kB URL HTTP/2 www.blog.help.avalon.ltd/css/animate.css?ver=7.0.5
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (460)
Hash d0ba152e6a56f037df4d021179c7c91f
438c107fc29c421bd5ac7ec0e49a8495f3bb518f
051711b23493e621536e11ce3da015928d8afa0943000e2f0612e3ac08822c8e
Analyzer Verdict Alert fortinet Phishing
GET /css/animate.css?ver=7.0.5 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"df0f-5bfc498e3e130"
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 92132
content-length: 4196
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/css/mobile.css?ver=7.1.4
190.115.31.101 200 OK 4.8 kB URL HTTP/2 www.blog.help.avalon.ltd/css/mobile.css?ver=7.1.4
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 75a8f3b784b9cff888ca265b66f5618b
6b4336550bf68b6dc307bd8a16c43bece4d7a501
8f7c4c1ab7ea3f7d1ec14c134f699cba0152e447a1bfe0749af75d0020b6551a
Analyzer Verdict Alert fortinet Phishing
GET /css/mobile.css?ver=7.1.4 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"9c49-5bfc498e3f4b9"
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 92132
content-length: 4795
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/logo-snow.svg
190.115.31.101 200 OK 13 kB URL HTTP/2 www.blog.help.avalon.ltd/img/logo-snow.svg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type SVG Scalable Vector Graphics image; HTML document, Unicode text, UTF-8 text, with very long lines (36762), with no line terminators
Hash 8dc2bdf7c1c5498e5c84d54a771b2a3e
dddbd5c289669121b6ef9ff452991d24ed0eb38d
423ce170e0eb7925e6297c92f14418258321c781ab469ffc7261f9b352848246
Analyzer Verdict Alert fortinet Phishing
GET /img/logo-snow.svg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Sat, 25 Dec 2021 11:06:55 GMT
etag: W/"9634-5d3f67831084b"
accept-ranges: bytes
access-control-allow-origin: *
content-type: image/svg+xml
content-encoding: br
vary: Accept-Encoding
age: 92132
content-length: 12976
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/companies/fantom.png
190.115.31.101 200 OK 4.7 kB URL HTTP/2 www.blog.help.avalon.ltd/img/companies/fantom.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced; data
Hash a9d8e05ac8febfc4b5701f4f4127ba15
10b653e799faf3a9a1e8f366f875a0854ea00afb
db737e5f003efdea412ff4d243c2c93486e36fd2aa23be730dfa1c3f3e8aa4a2
GET /img/companies/fantom.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "1235-5bfc498e5d153"
accept-ranges: bytes
content-length: 4661
content-type: image/png
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:39:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blog.help.avalon.ltd/css/slick-theme.css?ver=7.0.5
190.115.31.101 200 OK 765 B URL HTTP/2 www.blog.help.avalon.ltd/css/slick-theme.css?ver=7.0.5
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 3e3bdf51acaa88df9a97641e2b334b00
01038a3db66a529827f6fb1b821d6336391acae8
3229cbe972e5a095edb80efa60f65de151c08d4ca164be7bd506b6897bd427c9
GET /css/slick-theme.css?ver=7.0.5 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"c2c-5bfc498e3e518"
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 92132
content-length: 765
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/css/slick.css?ver=7.0.5
190.115.31.101 200 OK 1.3 kB URL HTTP/2 www.blog.help.avalon.ltd/css/slick.css?ver=7.0.5
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type assembler source, ASCII text
Hash 6a5011a1eb3529a3e435cbb771b4f920
4f6d46d3611ec912892087517b72f56749521a1d
b70746fb602537f0c72dc582381ce2a146dcbfd56532aa52d67ef128fb4d31bb
GET /css/slick.css?ver=7.0.5 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"1413-5bfc498e3e518"
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 92132
content-length: 1319
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/
190.115.31.101 200 OK 30 kB URL HTTP/2 www.blog.help.avalon.ltd/
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Non-ISO extended-ASCII text, with very long lines (4766)
Hash 32c00d7b808c9c2a0c5e3687f02a3cda
1f0f432ce054ca7c5e5906c4d9c0a03ed9bf364e
a1b24ee62c1762e2da4828be6651f8c3a7cf18ff3074304e515caddd12e04c50
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:15 GMT
x-powered-by: PHP/5.4.16
set-cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; Domain=.avalon.ltd; HttpOnly; Path=/; Expires=Mon, 22-Jan-2024 08:39:15 GMT
set-cookie: PHPSESSID=gt1ikns57e3q0ioimucgb74ec6; expires=Fri, 21-Jul-2023 08:39:15 GMT; path=/; domain=avalon.ltd
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=windows-1251
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/logo2-snow.svg
190.115.31.101 200 OK 13 kB URL HTTP/2 www.blog.help.avalon.ltd/img/logo2-snow.svg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type SVG Scalable Vector Graphics image; HTML document, Unicode text, UTF-8 text, with very long lines (36043), with no line terminators
Hash fbb7908626cee6764921d883d1bda458
085a5a68d3c33a2cc420c39de72bc652f7c60f1d
c67e333d5a549399b71f9fde746155c18b6836b73b51c36169ff3ed1524f158e
Analyzer Verdict Alert fortinet Phishing
GET /img/logo2-snow.svg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Sat, 25 Dec 2021 11:06:55 GMT
etag: W/"92d5-5d3f67832545b"
accept-ranges: bytes
access-control-allow-origin: *
content-type: image/svg+xml
content-encoding: br
vary: Accept-Encoding
age: 92132
content-length: 12823
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/account/images/card/mslogo.png
190.115.31.101 200 OK 19 kB URL HTTP/2 www.blog.help.avalon.ltd/account/images/card/mslogo.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 512 x 420, 8-bit/color RGBA, non-interlaced; data
Hash 516e786a5c0ed5d4510bb01b33aad9ff
9add9bcb40f1a60ca3504ef69364471c32889bd9
747b49f939cb046c393228fa92550a8e6eeca7cf4c0bff0fdcb7f2363a5493cc
GET /account/images/card/mslogo.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:44 GMT
last-modified: Mon, 12 Apr 2021 11:11:31 GMT
etag: "49cc-5bfc493739bc2"
accept-ranges: bytes
content-length: 18892
content-type: image/png
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/account/images/card/mirlogo.png
190.115.31.101 200 OK 21 kB URL HTTP/2 www.blog.help.avalon.ltd/account/images/card/mirlogo.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 1600 x 1600, 8-bit colormap, non-interlaced; data
Hash dce46f00ba70c17c2266cd5972b41707
4e8834fe80cb2f786e37d7ef468b7721d7badc75
c5ce950eff3093b82b5a6a8e1badbef6ebeebd7e897b206f80c75d095089286e
GET /account/images/card/mirlogo.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:11:31 GMT
etag: "50c6-5bfc493739bc2"
accept-ranges: bytes
content-length: 20678
content-type: image/png
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/tarif-last.png
190.115.31.101 200 OK 26 kB URL HTTP/2 www.blog.help.avalon.ltd/img/tarif-last.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced; data
Hash 914f90dfccde4f1c93a2b35103e87544
f072bab273442db74631a65f4a405ad8117526e8
ee6f62f893cd05f81abe68605b4900ddc0d3db388e2909f55c96d0880c2ffa53
GET /img/tarif-last.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "6540-5bfc498e6ac18"
accept-ranges: bytes
content-length: 25920
content-type: image/png
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/slider-image2.jpg
190.115.31.101 200 OK 150 kB URL HTTP/2 www.blog.help.avalon.ltd/img/slider-image2.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 663x665, components 3; data
Size 150 kB (149676 bytes)
Hash ed73a6ecd7358a2d03e90ff6678c9947
7c61ea0c4b3a7d4798ef0c0c79dff81a9867569d
1f70ac00f30beef27ab885adea8445eeab1b13cdacc3d5dc82acde4dd599dc07
GET /img/slider-image2.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "248ac-5bfc498e694a8"
accept-ranges: bytes
content-length: 149676
content-type: image/jpeg
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/user-invest1.png
190.115.31.101 200 OK 298 kB URL HTTP/2 www.blog.help.avalon.ltd/img/user-invest1.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 750 x 750, 8-bit/color RGBA, non-interlaced; data
Size 298 kB (298028 bytes)
Hash 991bbf47b7f92a369ad649287be1f988
f71ad16a36a2bd5812bf8ecacb99fd33ada1c149
508b1587622b48ff6851c1e394ad98af9d1edbe8078c07f2a044a59745ea73b3
GET /img/user-invest1.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "48c2c-5bfc498e6cb59"
accept-ranges: bytes
content-length: 298028
content-type: image/png
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/css/jquery.fancybox.css?ver=7.0.5
190.115.31.101 200 OK 3.4 kB URL HTTP/2 www.blog.help.avalon.ltd/css/jquery.fancybox.css?ver=7.0.5
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 335c2b1da77d9be9b3ea9e78b9652f79
d64d7a205b8a495726e8e53fba50c310dca4662d
aa0c01ab5081570440325d991c59a90f3e09eb31f9ecc581874c8a26e1368586
Analyzer Verdict Alert fortinet Phishing
GET /css/jquery.fancybox.css?ver=7.0.5 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"4404-5bfc498e3e518"
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 92132
content-length: 3444
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/html5shiv.js?ver=7.0.5
190.115.31.101 200 OK 2.9 kB URL HTTP/2 www.blog.help.avalon.ltd/js/html5shiv.js?ver=7.0.5
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document, ASCII text
Hash 1ee357f9c631e21d8d742709dd4832a1
f9c4f1bddc7199616db6260d0b5c1b58d966ae41
7ce15530a5eb80c5b657f2816c055aadaf586ad6a05767d20f1fc0d1b8188f18
Analyzer Verdict Alert fortinet Phishing
GET /js/html5shiv.js?ver=7.0.5 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 06:52:20 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"2544-5bfc498e7291b"
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
age: 92815
content-length: 2930
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/invest1.png
190.115.31.101 200 OK 1.9 kB URL HTTP/2 www.blog.help.avalon.ltd/img/invest1.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 115 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 05300284c62298a3eb47a00f603bb977
b6a2c96ec1bcd418e7610cb377baebe838759ca1
008238fe618d7fb6b563d226198e46fcc4e28c2b3e739c17f0eab24851968111
GET /img/invest1.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "798-5bfc498e6811f"
accept-ranges: bytes
content-length: 1944
content-type: image/png
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/steps.jpg
190.115.31.101 200 OK 43 kB URL HTTP/2 www.blog.help.avalon.ltd/img/steps.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 748x737, components 3\012- data
Hash 889181059e75aa119dd8e8884f28b5d8
3b6614c506f771653ee5d37d9558eda39aaa0306
16f28b87acf1d887787ab8bd05a4aff23d9d8799234cf6c58ee213ae35675940
GET /img/steps.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "a656-5bfc498e6a448"
accept-ranges: bytes
content-length: 42582
content-type: image/jpeg
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/contacts.jpg
190.115.31.101 200 OK 168 kB URL HTTP/2 www.blog.help.avalon.ltd/img/contacts.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 498x809, components 3\012- data
Size 168 kB (168239 bytes)
Hash 5c1f975f6264ea6f9f9dd99668da0f9c
9658c311105d225e5ea2599d4d4761dd8897450c
6c5325b0cde1aa7e1d68aa0289b2e00b41d004a9fb65370d2aa49ddef2883a3c
GET /img/contacts.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "2912f-5bfc498e64a6e"
accept-ranges: bytes
content-length: 168239
content-type: image/jpeg
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/features.jpg
190.115.31.101 200 OK 346 kB URL HTTP/2 www.blog.help.avalon.ltd/img/features.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x710, components 3\012- data
Size 346 kB (345549 bytes)
Hash f31076adb02b0e08d08d021a699bf4f5
21503bea269b23065fe7e847c6dadb467a0d8883
83d3e54f58f85753ef76e933ef7d3688df203dff5ba6c365d43e75870385dac1
GET /img/features.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "545cd-5bfc498e665c7"
accept-ranges: bytes
content-length: 345549
content-type: image/jpeg
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/companies/biim.png
190.115.31.101 200 OK 5.3 kB URL HTTP/2 www.blog.help.avalon.ltd/img/companies/biim.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 39227fece030765bf115adce20c3b6ae
07cdd95fe66bfdded648f2c8742be107c3d8ff49
d05197f1b0683a40468892bdd2a26c944049d98bb756ed83a4ab3f655f2e34ad
GET /img/companies/biim.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "14c0-5bfc498e5d53b"
accept-ranges: bytes
content-length: 5312
content-type: image/png
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/maskinput.js?ver=7.0.7
190.115.31.101 200 OK 1.8 kB URL HTTP/2 www.blog.help.avalon.ltd/js/maskinput.js?ver=7.0.7
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (4112), with no line terminators
Hash e7b905c9ddbe4c12af06f53bfd5f3a8c
f67f164e9ecfd49f5eaf8aff24355aa4fcf6d633
1fbdfb9ab45cc5ae748c6e1bfb52d77ccf2a575449e89fa5b60e4236752d6124
Analyzer Verdict Alert fortinet Phishing
GET /js/maskinput.js?ver=7.0.7 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 06:52:23 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"1010-5bfc498e734d3"
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
age: 92813
content-length: 1821
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/jquery.spincrement.min.js?ver=7.0.7
190.115.31.101 200 OK 698 B URL HTTP/2 www.blog.help.avalon.ltd/js/jquery.spincrement.min.js?ver=7.0.7
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1423), with no line terminators
Hash b722a03b9429220f312b84c182154678
ab6e39ace69bec8c567826ccf9e021c904644bd1
1a2756b50806c5a7251af4a0696dd6e6612fe75e3631a6cbdcd83b1116998440
GET /js/jquery.spincrement.min.js?ver=7.0.7 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 06:52:27 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"58f-5bfc498e734d3"
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
age: 92809
content-length: 698
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/slick.min.js?ver=7.0.7
190.115.31.101 200 OK 12 kB URL HTTP/2 www.blog.help.avalon.ltd/js/slick.min.js?ver=7.0.7
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (42862)
Hash bf8fccf0ab9bd7dc8a19a745d501f7e4
8706047d4c4b2e244d9f079b332e87d6b9b9a179
e139084791beb31a8deea1dbc13cf8e136dac755133f8b270bdb36d6b4b2548f
Analyzer Verdict Alert fortinet Phishing
GET /js/slick.min.js?ver=7.0.7 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 06:52:24 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"c247-5bfc498e73ca3"
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
age: 92812
content-length: 12411
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/slider-image4.jpg
190.115.31.101 200 OK 180 kB URL HTTP/2 www.blog.help.avalon.ltd/img/slider-image4.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 530x640, components 3\012- data
Size 180 kB (180451 bytes)
Hash a0c3245d11d452a2ecdf5516af8005e4
c2b4382a54888e3c4f94b8c16921f63ad5cbf342
c0db87efa07619840adee42583fe09ec5b7540c2e70d74151b4f0e15053d799b
GET /img/slider-image4.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "2c0e3-5bfc498e69c78"
accept-ranges: bytes
content-length: 180451
content-type: image/jpeg
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/slider-image1.jpg
190.115.31.101 200 OK 220 kB URL HTTP/2 www.blog.help.avalon.ltd/img/slider-image1.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 691x656, components 3\012- data
Size 220 kB (220138 bytes)
Hash 5ad2975d587e2f9ec3521a50f1f18394
c0e5a8a939a0f1dcbd093a79b6075028fc30b980
4d98c2ef49a722e9840250daae43fa8088dc304600528177fdd563b247acf302
GET /img/slider-image1.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "35bea-5bfc498e694a8"
accept-ranges: bytes
content-length: 220138
content-type: image/jpeg
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/jquery.fancybox.js?ver=7.0.7
190.115.31.101 200 OK 39 kB URL HTTP/2 www.blog.help.avalon.ltd/js/jquery.fancybox.js?ver=7.0.7
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document, Unicode text, UTF-8 text
Hash 56e497bfea6cd46f97f19a6eb6182d64
c55a17e38439dfdcbde9db4e1d8fe9fee42e7fb1
b217acd3467ecedb5464ce58b5de4075fea3093d84dade2de9185ae9ed8164fd
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.fancybox.js?ver=7.0.7 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 06:52:25 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"2739b-5bfc498e730eb"
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
age: 92811
content-length: 38856
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/nouislider.min.js?ver=7.0.7
190.115.31.101 200 OK 8.6 kB URL HTTP/2 www.blog.help.avalon.ltd/js/nouislider.min.js?ver=7.0.7
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (24708)
Hash d3258773447fa27ba64a388c412df11d
c4aedbccbd643a59aa864da5ff2ed791ebfb5c88
409eaa84af1889b7c24bd67102a5c9e6f859f1f588b1a48863280b33338189a4
Analyzer Verdict Alert fortinet Phishing
GET /js/nouislider.min.js?ver=7.0.7 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 06:52:28 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"60ab-5bfc498e738bb"
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
age: 92808
content-length: 8641
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/wow.min.js?ver=7.0.7
190.115.31.101 200 OK 2.8 kB URL HTTP/2 www.blog.help.avalon.ltd/js/wow.min.js?ver=7.0.7
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (8099)
Hash 6789b7350c3fd169930a8c4a38842bab
e3f9b94b0196b118cb08ca6706db7e56048d0d91
25be01e637845dceec897001fccdf7fe5376a1cf4e556bfa048f41f96db3d12f
GET /js/wow.min.js?ver=7.0.7 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 06:52:30 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"1fdb-5bfc498e73ca3"
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
age: 92807
content-length: 2824
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blog.help.avalon.ltd/img/companies/treasure-hunters.png
190.115.31.101 200 OK 6.1 kB URL HTTP/2 www.blog.help.avalon.ltd/img/companies/treasure-hunters.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 68e9f385659b6c325fec1c79c87084b7
1197899c0916ba69babcc4d1b740dd6f428bbd13
dc507643ffac6d37831add970274a0dc1b1f66fb2e96534b7f518fd40e58da57
GET /img/companies/treasure-hunters.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "17f2-5bfc498e5d153"
accept-ranges: bytes
content-length: 6130
content-type: image/png
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/small-1doc.jpg
190.115.31.101 200 OK 143 kB URL HTTP/2 www.blog.help.avalon.ltd/img/small-1doc.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 492x700, components 3\012- data
Size 143 kB (142728 bytes)
Hash bcae60cdef325939a2379edcaf7d7e50
fefd8919d3c59bb34da6bd26fe3500cf8e83378e
17182f6e4bccd9be99c65644f72ecbf2325de467af00d88ed75f494cc28b4b53
GET /img/small-1doc.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:15 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "22d88-5bfc498e6daf9"
accept-ranges: bytes
content-length: 142728
content-type: image/jpeg
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/account/images/card/visalogo.png
190.115.31.101 200 OK 12 kB URL HTTP/2 www.blog.help.avalon.ltd/account/images/card/visalogo.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e13e377243df713ba492e739506d73d
81788af0c330556987223544e4dc34d51a6f5b74
ea0c81c9233662fe7db0c493cffc1730cb7ace9d5e73b0c14014c975614b1eae
GET /account/images/card/visalogo.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:11:31 GMT
etag: "2e71-5bfc493739bc2"
accept-ranges: bytes
content-length: 11889
content-type: image/png
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/scripts.js?ver=7.1.7
190.115.31.101 200 OK 3.6 kB URL HTTP/2 www.blog.help.avalon.ltd/js/scripts.js?ver=7.1.7
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type ISO-8859 text, with very long lines (627)
Hash b15a3c2ead1ec36fc27e828cc365d647
bf65c0f8857c9c3951ce04fceeee68fb162dfdcf
926e067d0b4b4f77f56e61c95f2ae5b32257382213994d458b47291514add723
GET /js/scripts.js?ver=7.1.7 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 06:52:31 GMT
last-modified: Tue, 08 Jun 2021 18:01:14 GMT
etag: W/"3e1e-5c444f1a0fc80"
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
age: 92805
content-length: 3622
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/index.js?ver=7.1.3
190.115.31.101 200 OK 1.4 kB URL HTTP/2 www.blog.help.avalon.ltd/js/index.js?ver=7.1.3
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 30b507888fc55b8044bd28d2a549f963
ea24cbf4cc4df1e20892295b487ffd27b105dcf7
9f036e2edc527d90be3d80c766b588203c62527138fb2b7ed40dd2647a4b94fe
Analyzer Verdict Alert fortinet Phishing
GET /js/index.js?ver=7.1.3 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 06:52:20 GMT
last-modified: Sat, 30 Oct 2021 19:00:12 GMT
etag: W/"d24-5cf968da6463f"
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
age: 92816
content-length: 1360
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/new-user11.png
190.115.31.101 200 OK 70 kB URL HTTP/2 www.blog.help.avalon.ltd/img/new-user11.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 750 x 750, 8-bit/color RGBA, non-interlaced\012- data
Hash 801f3b93fb3e5c60e9354b3b4f005511
b9967b4ccf0dd4d869405d99ed36ad9e43485b43
a685625cfadeed0e0aa2308ac8187f55cbb0f4263c560961243295cc6399ae97
GET /img/new-user11.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "1125e-5bfc498e6d711"
accept-ranges: bytes
content-length: 70238
content-type: image/png
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.122.167 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.122.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R0eNyHYdJdD4SroLNMjAzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cIusIUQHUcd2vHe93bzMKcpgKo0=
www.blog.help.avalon.ltd/img/oborot1.png
190.115.31.101 200 OK 76 kB URL HTTP/2 www.blog.help.avalon.ltd/img/oborot1.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 750 x 750, 8-bit/color RGBA, non-interlaced\012- data
Hash 212bfc6a5ef3feee79c2d9a85266546f
0af62c8e5f396a2f4e77564edc3a4ecef060a85b
cb74205a03168902f9aacc103546a37661b48b022926f148ecb6cfc10234fb64
GET /img/oborot1.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "12923-5bfc498e6cf41"
accept-ranges: bytes
content-length: 76067
content-type: image/png
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/how.jpg
190.115.31.101 200 OK 256 kB URL HTTP/2 www.blog.help.avalon.ltd/img/how.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 639x741, components 3\012- data
Size 256 kB (256258 bytes)
Hash d95bca087adbd21dfbfae19c39a6127d
9a77673764da6d804a97472ddb05275be29ce32b
29284805e5fd703f31ba9c614d3059ac4b9c182c967190f6333fac56dc835564
GET /img/how.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "3e902-5bfc498e66d97"
accept-ranges: bytes
content-length: 256258
content-type: image/jpeg
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/slider-image3.jpg
190.115.31.101 200 OK 174 kB URL HTTP/2 www.blog.help.avalon.ltd/img/slider-image3.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 498x656, components 3\012- data
Size 174 kB (173973 bytes)
Hash 7a0a96d1442deb1ca1deb87b48f2ea1d
9d829a605b65b8ea400b134996ef6b0b47aa113b
ae54ca8331ca124103801c1c7359ce3c4b9e19d5bda3b41e5d23b34e1e880eb4
GET /img/slider-image3.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "2a795-5bfc498e69c78"
accept-ranges: bytes
content-length: 173973
content-type: image/jpeg
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/faq.jpg
190.115.31.101 200 OK 178 kB URL HTTP/2 www.blog.help.avalon.ltd/img/faq.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 669x769, components 3\012- data
Size 178 kB (178532 bytes)
Hash 635a39884649f977089022802ebafde9
82cf70578b689ad3428e4fe83d967a43e99267c9
671b4d3f05cc703f973d29b3106b5935739a2dab8486e9298443552adae2340c
GET /img/faq.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "2b964-5bfc498e65a0e"
accept-ranges: bytes
content-length: 178532
content-type: image/jpeg
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/account/images/card/maestrologo.png
190.115.31.101 200 OK 20 kB URL HTTP/2 www.blog.help.avalon.ltd/account/images/card/maestrologo.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 37bdef3d9e23098eb6a35e86a299ba09
a9a17fe995f3a053bd76370189fee99c14731164
4d0b47936c1f707dc789de67faf9ea84f8366eb0bd052170a9d4a7a8dd569ecb
GET /account/images/card/maestrologo.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:11:31 GMT
etag: "4d1a-5bfc493739bc2"
accept-ranges: bytes
content-length: 19738
content-type: image/png
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/invest-bg.jpg
190.115.31.101 200 OK 786 kB URL HTTP/2 www.blog.help.avalon.ltd/img/invest-bg.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x700, components 3\012- data
Size 786 kB (786068 bytes)
Hash 53050a4f64bd86b20b9ab75bbc88e8ed
834a685a0f6760376a4dce50893dae55cca1f36e
ded7b293d79d88fb789e6685238f61b7b601ce98e75a9b42121410832bc3e3c9
GET /img/invest-bg.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/style.css?ver=7.3.0
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:44 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "bfe94-5bfc498e6811f"
accept-ranges: bytes
content-length: 786068
content-type: image/jpeg
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/calc-bg.jpg
190.115.31.101 200 OK 565 kB URL HTTP/2 www.blog.help.avalon.ltd/img/calc-bg.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x800, components 3\012- data
Size 565 kB (565134 bytes)
Hash d84ca549c849378f3c3bd7292c40f6c0
7f2f542cf672cc8fd0ba6893b1c1fcf5bce03cc4
5f6b3c14c111e02f41982837adcb3f8e2e32a103e87654f1d6662e06d124f49a
GET /img/calc-bg.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/style.css?ver=7.3.0
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:44 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "89f8e-5bfc498e64686"
accept-ranges: bytes
content-length: 565134
content-type: image/jpeg
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/small-%D0%A1RT.jpg
190.115.31.101 200 OK 83 kB URL HTTP/2 www.blog.help.avalon.ltd/img/small-%D0%A1RT.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 707x1000, components 3\012- data
Hash 0fdebc8b5272ce965a26fb555657eedf
560102db2a7bd87b8f97b00565fbf6e423d4518b
8ff3c629fab45adaefe7d452d413b0ce6b1e64b52c22b605dd04b798d0e5b56f
GET /img/small-%D0%A1RT.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "145c8-5bfc498e71593"
accept-ranges: bytes
content-length: 83400
content-type: image/jpeg
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/calc-item.png
190.115.31.101 200 OK 762 B URL HTTP/2 www.blog.help.avalon.ltd/img/calc-item.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 64580b1e46f9a255498c2960cbff13e5
12061b16ec0b03e79e6f59841e4b16568538f25d
f0f7577e1ad6c8e0cde02c1c8edcc344914afc88f435618531259c5620c794d8
GET /img/calc-item.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/nouislider.css?ver=7.0.5
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:44 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "2fa-5bfc498e64686"
accept-ranges: bytes
content-length: 762
content-type: image/png
age: 92132
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/fonts/Raleway-SemiBold.woff2
190.115.31.101 200 OK 52 kB URL HTTP/2 www.blog.help.avalon.ltd/fonts/Raleway-SemiBold.woff2
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 51472, version 1.0\012- data
Hash 6e97792d484c372f5619c098035d31dd
8cef8a83d1599b1da7ab3dd1461a40cec3fcb126
74cb870caa1812f2f90996a07440906b113952117b405be0b917dfa8a2924a23
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Raleway-SemiBold.woff2 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/style.css?ver=7.3.0
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "c910-5bfc498e4a09d"
accept-ranges: bytes
content-length: 51472
access-control-allow-origin: *
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/fonts/Raleway-Medium.woff2
190.115.31.101 200 OK 51 kB URL HTTP/2 www.blog.help.avalon.ltd/fonts/Raleway-Medium.woff2
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 50684, version 1.0\012- data
Hash 25fa062a05c1467cead356bfc6fb799a
911e4304cd41a8ef67cb99dfa487dd1c58f34141
dfb02e6cc04753077921c8bd285406edae755ea7e3f96456efa7f2cf09f2fc99
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Raleway-Medium.woff2 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/style.css?ver=7.3.0
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "c5fc-5bfc498e45a4b"
accept-ranges: bytes
content-length: 50684
access-control-allow-origin: *
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blog.help.avalon.ltd/fonts/Raleway-Bold.woff2
190.115.31.101 200 OK 51 kB URL HTTP/2 www.blog.help.avalon.ltd/fonts/Raleway-Bold.woff2
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 51220, version 1.0\012- data
Hash 8b61c603878e424c31b3fcc7fc0c10c9
916e6dcbb69d720e479ecd52b18a7c0b26641bb3
dfbf5fbd36179b9f89d70ed92ddc68ec6ef7450a55d9cb93afd8d3d3d77574c0
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Raleway-Bold.woff2 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/style.css?ver=7.3.0
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "c814-5bfc498e417e2"
accept-ranges: bytes
content-length: 51220
access-control-allow-origin: *
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/css/ajax-loader.gif
190.115.31.101 200 OK 4.2 kB URL HTTP/2 www.blog.help.avalon.ltd/css/ajax-loader.gif
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type GIF image data, version 89a, 32 x 32\012- data
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
GET /css/ajax-loader.gif HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/slick-theme.css?ver=7.0.5
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:45 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "1052-5bfc498e3dd48"
accept-ranges: bytes
content-length: 4178
content-type: image/gif
age: 92131
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/play/v17/6ae84K2oVqwItm4TCpAy2g.woff2
142.250.74.35 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/play/v17/6ae84K2oVqwItm4TCpAy2g.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17216, version 1.0\012- data
Hash 136a643fb4e5f2ff8e2ee7bf990dc36b
049d9ab9dea3429bde3c5a1a401666ab766c4689
669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88
GET /s/play/v17/6ae84K2oVqwItm4TCpAy2g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:04:53 GMT
expires: Wed, 17 Jan 2024 18:04:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:54:34 GMT
content-type: font/woff2
age: 398063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtE2H68T.woff2
142.250.74.35 200 OK 9.2 kB URL HTTP/2 fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtE2H68T.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9248, version 1.0\012- data
Hash 6a7de33090d64529e949eb3124f6c1c7
b3badeba880e6f343be9564e7068690f3288c91b
8f752b81dc0a3aa29edaa55262ebc397a6c947b15c1965698656f6f94162a787
GET /s/play/v17/6aez4K2oVqwIvtE2H68T.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 16:07:45 GMT
expires: Tue, 16 Jan 2024 16:07:45 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:06:38 GMT
content-type: font/woff2
age: 491491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/play/v17/6ae84K2oVqwItm4TCpQy2knT.woff2
142.250.74.35 200 OK 9.2 kB URL HTTP/2 fonts.gstatic.com/s/play/v17/6ae84K2oVqwItm4TCpQy2knT.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9160, version 1.0\012- data
Hash 2a30f2daa1c0fb4b9cbdf7f8fa85d7ae
60f30edcb9d397c3523e24f72709b4e7f2cbc993
23dac69f3ef7c5357c71c062e6ee5df4763154e0e36aa172e8b7683571f12bbf
GET /s/play/v17/6ae84K2oVqwItm4TCpQy2knT.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9160
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 10:16:05 GMT
expires: Fri, 19 Jan 2024 10:16:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:54:24 GMT
content-type: font/woff2
age: 253391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/bitcoin-5-5.gif
190.115.31.101 200 OK 564 kB URL HTTP/2 www.blog.help.avalon.ltd/img/bitcoin-5-5.gif
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type GIF image data, version 89a, 400 x 300\012- data
Size 564 kB (564534 bytes)
Hash 3bf0f20363e7a45932bf3b05b1e21e89
a816ce0c05a434e2b39aa8730841bc1dfe3c71cb
4fe1d5bd23013d5d41f9f3c42b2c43b44e01656f6e9ef65bc86a53dd8c34c801
GET /img/bitcoin-5-5.gif HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "89d36-5bfc498e7214b"
accept-ranges: bytes
content-length: 564534
content-type: image/gif
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.chaport.com/javascripts/insert.js
104.26.15.45 200 OK 769 B URL HTTP/2 app.chaport.com/javascripts/insert.js
IP 104.26.15.45:0
File type ASCII text, with very long lines (594), with no line terminators
Hash f775e43bd9057606f2d17f53556f2327
4d4c13568d5cda4eae6993cc80280311ae6386a2
bcc5f11e374998cc055a647d42f53aefb781989cd7016ddbc6b43c332dfae047
GET /javascripts/insert.js HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:16 GMT
content-type: application/javascript
last-modified: Tue, 17 May 2022 09:13:52 GMT
etag: W/"62836750-252"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
access-control-allow-origin: *
cf-cache-status: HIT
age: 21510351
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaUEsroo2YAi35u6%2Bt4D2g7oUr6iowxQFmvE2PmersXaLUHe2v7qu3Fb14wqgzwvLOXUQRzfNujEEssAzoPAy5HRcVtr2FEf4SMy6WqTrVcHPPUTvUE8U0cEL8cEDnJTjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa68bbcdb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:39:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtU2Hw.woff2
142.250.74.35 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtU2Hw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17164, version 1.0\012- data
Hash c76806d1f447336b530232d9a7ecaa10
72f3c5f813c34a85df23c05a79e5125cd6096260
6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc
GET /s/play/v17/6aez4K2oVqwIvtU2Hw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:34:32 GMT
expires: Wed, 17 Jan 2024 15:34:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:06:40 GMT
content-type: font/woff2
age: 407084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/spinner.svg
190.115.31.101 200 OK 14 kB URL HTTP/2 www.blog.help.avalon.ltd/img/spinner.svg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 361035a67694f47e0f50c0c59cc46c03
8a30a8552ad2cdc126ad4f96daf7709585ed82a5
5469bae14ebfbf02cbd2641866f2fe15a1b0e82ed1230805d4b7b007cca531b2
Analyzer Verdict Alert fortinet Phishing
GET /img/spinner.svg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/style.css?ver=7.3.0
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"261-5bfc498e6b000"
accept-ranges: bytes
access-control-allow-origin: *
content-type: image/svg+xml
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/tarif-bg-new.png
190.115.31.101 200 OK 172 kB URL HTTP/2 www.blog.help.avalon.ltd/img/tarif-bg-new.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 885 x 755, 8-bit/color RGBA, non-interlaced\012- data
Size 172 kB (172419 bytes)
Hash ad31711eeb0a5a9a2461fc8717411389
d3e51ac54d37b380db77f509bbaf60f00cc94a1c
c16c148954064659800eac7466d378d12b50609b6d94a6f3968156a7f64c4a54
GET /img/tarif-bg-new.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/style.css?ver=7.3.0
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "2a183-5bfc498e6b3e8"
accept-ranges: bytes
content-length: 172419
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
pro.fontawesome.com/releases/v5.7.2/webfonts/fa-regular-400.woff2
104.18.23.52 200 OK 145 kB URL HTTP/2 pro.fontawesome.com/releases/v5.7.2/webfonts/fa-regular-400.woff2
IP 104.18.23.52:0
File type Web Open Font Format (Version 2), TrueType, length 145052, version 329.31064\012- data
Size 145 kB (145052 bytes)
Hash ea1125e0a2bd57c4bdcf2c7e20386767
59501da6751365774c33ac67d2670d6b75371c62
d3da2adabcb26b0d20d5ddf91e3b608996801e6d8a99a739bb041f9c9628539c
GET /releases/v5.7.2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Referer: https://pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:16 GMT
content-type: font/woff2
content-length: 145052
x-amz-id-2: hR/GwXbWVj94m4Iwa1HXe4Z4J/fTP1yq8K4rauXygKFWrm6kGcGDO9C4dOlSBMFfLGWG7D7pwPI=
x-amz-request-id: F5XTA9FYJFC787T3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:37:21 GMT
etag: "ea1125e0a2bd57c4bdcf2c7e20386767"
cache-control: max-age=31556926
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 78d6fa6759f20b02-OSL
X-Firefox-Spdy: h2
app.chaport.com/assets/insert-main-99a08c0e2a5b82612fb50408921522fb.js
104.26.15.45 200 OK 30 kB URL HTTP/2 app.chaport.com/assets/insert-main-99a08c0e2a5b82612fb50408921522fb.js
IP 104.26.15.45:0
File type ASCII text, with very long lines (63057), with no line terminators
Hash ac9b6b1e4a5d525079acccea1a03d541
d272dbe9d06cac4216e6f40e95bb7f044c171f00
79a8c5ee2db65f8d6d866df0262e435d01a6b0d48a272e2197a51a88757a78be
GET /assets/insert-main-99a08c0e2a5b82612fb50408921522fb.js HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:16 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 11:08:16 GMT
etag: W/"63c681a0-4f6e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
access-control-allow-origin: *
cf-cache-status: HIT
age: 422996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUMBT0p9AXmpqnncOV5lDbXXq9%2FuY%2FH%2FJEM9WTDPkbk8EudC6YV3hPhGYQnlOc%2BFSf0fQzfXAxQvwnOj3Zl8LRIkYvVoc%2Bj4svDHcarzg3JtxIILGlchNitOwJNXvnF1Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa69dce1b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 2d569d7e71dfb62700b9d4586f39e56e
10142997973f6528fe6243741b9edf285fe48e58
c4846c711d1b2c4b72e9e99fe329205d7335ee70046fbf9b30a4ab11ac4b9f8d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 15:36:35 GMT
Expires: Thu, 26 Jan 2023 15:36:34 GMT
Etag: "10142997973f6528fe6243741b9edf285fe48e58"
Cache-Control: max-age=370037,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d6fa68ebfdb524-OSL
app.chaport.com/assets/widget-cf18e8608974f2af4cea9014e019ed0f.css
104.26.15.45 200 OK 44 kB URL HTTP/2 app.chaport.com/assets/widget-cf18e8608974f2af4cea9014e019ed0f.css
IP 104.26.15.45:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c484b0b3ba57786fb4ed546e1ea825bb
cfc9e2de31e9cbeb8e397f6aca344bf74cf01bc8
9de06664e8a9dee9169049ef796db1d321802dbe85706f29d69113056790cc9f
GET /assets/widget-cf18e8608974f2af4cea9014e019ed0f.css HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: text/css
last-modified: Tue, 17 Jan 2023 05:32:04 GMT
etag: W/"63c632d4-93a6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
access-control-allow-origin: *
cf-cache-status: HIT
age: 217920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBYsnu7PkEo5OJH39YSZ3Zr5%2FBQGl8Z7SPGJNT%2B9%2FhNa4%2F%2FTgvmgShG60gFCePpH5WcbjOM1bX5C%2F5EZUHKOLbH6OYk5%2BG4pduk5A%2BnbWW14hn4dIkzSZmFvbMFMuiKMOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa6b7f3eb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13878
Expires: Sun, 22 Jan 2023 12:30:35 GMT
Date: Sun, 22 Jan 2023 08:39:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash d3e5cb3e8d03fffcd307c5ebaef08167
1a813821d15afd416b82c3343a7920a0ffc909cb
84a81b6f63faa3f17a20222b8fa389761a0fb0512a1549b4848849c0425539c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7656
x-amzn-requestid: 6e1ebd9d-6ef0-48d0-a891-51bbf914ed42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNlYHaUoAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c88-479e8fb72b0b248d020d9e77;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pu5h9aerRhgCkbAszYjgiRrblEiomyl7ev5WRmdAjQSTQNgSqczG0A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:58:15 GMT
age: 38462
etag: "1a813821d15afd416b82c3343a7920a0ffc909cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tYwSI7_1wwDixmup43f8j54sJ541GjyzB2rboENRXfSpuwPKImlNjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 01:38:03 GMT
age: 25274
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45b3e2b-1687-4d15-8241-c1b5422b7597.png
34.120.237.76 200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45b3e2b-1687-4d15-8241-c1b5422b7597.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash ccc0cd46a7749f64fba19f6be5f2de43
67b9c7ba8702b695036e253a20ab7b86c1725143
afbb5f9024e0397977575099fdbfdb32f06521c20556cb0b03501d822d2cc8cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45b3e2b-1687-4d15-8241-c1b5422b7597.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 17237
x-amzn-requestid: 6c4b292b-633d-4063-8342-5022165de1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFObNH_eIAMFb0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb9114-5bf2228c7286c7fc3fc5dda4;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:15:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UVXstUxjGjONKatXhjWSIynzjMlBRKH4_GzmGJb0hFJAIs_dln1Wwg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 07:36:49 GMT
age: 3748
etag: "67b9c7ba8702b695036e253a20ab7b86c1725143"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/css/nouislider.css?ver=7.0.5
190.115.31.101 200 OK 11 kB URL HTTP/2 www.blog.help.avalon.ltd/css/nouislider.css?ver=7.0.5
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
Hash ffb10e3407d99a3c281d80856809b6a7
23706e8312b044d70694a3236710c036c5661b0e
7d728dc088b9dc0f1f45b66564be47068c033bd54d89102279356fec40f0d54e
Analyzer Verdict Alert fortinet Phishing
GET /css/nouislider.css?ver=7.0.5 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"16bf-5bfc498e3e518"
accept-ranges: bytes
content-type: text/css
content-encoding: br
vary: Accept-Encoding
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2bxIP5fBGoswPsQAvhRGhNlrHNQtiCpgWFr_S3fjQuyEXPW8amllzw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:58:50 GMT
age: 38427
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 7ec85cf23f6ed6a70e62e17998dfcede
2a690f14cf97f33da2c4f4b21c737a7ca37665b4
ae3cedd8f51f9ed2d996f1d75e7288802d68fa3c27d928934311e4d8821940cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 86dec496-ff1b-4db8-9bcb-12275f6feeb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkBGiOIAMFaCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c7f-16c24501673bc2161c1e8a3b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GQ2E2QJ9WGrRFcbmucLjzAwgimtD8ndEVR5vyT9LDLJUW6IbxCwemw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:55:39 GMT
age: 38618
etag: "2a690f14cf97f33da2c4f4b21c737a7ca37665b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
widget.anycomment.io/stream/embed.js
54.38.116.42 200 OK 130 kB URL HTTP/2 widget.anycomment.io/stream/embed.js
IP 54.38.116.42:0
File type ASCII text, with very long lines (52363)
Size 130 kB (130486 bytes)
Hash 0c0f8e10071d6ca8ec9170c2d92c7b13
f9d9fbe149e4fe874975daaa8611a16b366e93e5
bdfa5cbee7216f29b1b92d1b0a1368d6ecca63465741021e0d89707d63c9a860
GET /stream/embed.js HTTP/1.1
Host: widget.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: application/javascript; charset=UTF-8
content-length: 130486
last-modified: Mon, 12 Apr 2021 15:14:21 GMT
vary: Accept-Encoding
etag: "607463cd-1fdb6"
content-encoding: gzip
expires: Sun, 22 Jan 2023 08:40:17 GMT
cache-control: max-age=60
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/fonts/Raleway-Regular.woff2
190.115.31.101 200 OK 51 kB URL HTTP/2 www.blog.help.avalon.ltd/fonts/Raleway-Regular.woff2
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 50848, version 1.0
Hash 8447ab662fd6ea8f9c73bb49872dbe06
1920a2edf52068190dbf169c4ff230c7aa6aa8f6
f84f56ec15cd5cd8e5f85e701fa36bb9e25152729a0d9ddf110ed70e0a883d23
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Raleway-Regular.woff2 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/style.css?ver=7.3.0
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:17 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "c6a0-5bfc498e48544"
accept-ranges: bytes
content-length: 50848
access-control-allow-origin: *
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
server.chaport.com/5ec9725a1db3487e5211275c/api/public/v1/visitor-essentials?id=0dc62474-b5db-452e-baa9-de7cdc591cb3&token=f6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT
164.92.156.216 200 OK 8 B URL HTTP/1.1 server.chaport.com/5ec9725a1db3487e5211275c/api/public/v1/visitor-essentials?id=0dc62474-b5db-452e-baa9-de7cdc591cb3&token=f6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT
IP 164.92.156.216:0
File type ASCII text, with no line terminators
Hash f30c3a40e9a3e65c868c754a5de95919
65101ff283414b70636ff494d866190a66ed9978
875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
OPTIONS /5ec9725a1db3487e5211275c/api/public/v1/visitor-essentials?id=0dc62474-b5db-452e-baa9-de7cdc591cb3&token=f6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT HTTP/1.1
Host: server.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cp-app-id
Referer: https://www.blog.help.avalon.ltd/
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 22 Jan 2023 08:39:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.blog.help.avalon.ltd
Access-Control-Allow-Headers: Content-Type, cp-app-id
Allow: GET,HEAD
ETag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubdomains;
server.chaport.com/5ec9725a1db3487e5211275c/api/public/v1/visitor-essentials?id=0dc62474-b5db-452e-baa9-de7cdc591cb3&token=f6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT
164.92.156.216 200 OK 62 B URL HTTP/1.1 server.chaport.com/5ec9725a1db3487e5211275c/api/public/v1/visitor-essentials?id=0dc62474-b5db-452e-baa9-de7cdc591cb3&token=f6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT
IP 164.92.156.216:0
File type JSON data, ASCII text, with no line terminators
Hash 5a78b4302c4885c9b76866eeb5f22bd3
2204c4d41f66dc0fa8270215ddce29954082a926
402683fbeed42d05bce96ad300cccbf715bd0a9a2a7ad391ae190dba4cd9fb3e
GET /5ec9725a1db3487e5211275c/api/public/v1/visitor-essentials?id=0dc62474-b5db-452e-baa9-de7cdc591cb3&token=f6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT HTTP/1.1
Host: server.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
CP-App-Id: 5ec9725a1db3487e5211275c
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 22 Jan 2023 08:39:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 62
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.blog.help.avalon.ltd
Access-Control-Allow-Headers: Content-Type, cp-app-id
Set-Cookie: chaport-5ec9725a1db3487e5211275c=0dc62474-b5db-452e-baa9-de7cdc591cb3%2Ff6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT; Max-Age=3153600000; Path=/5ec9725a1db3487e5211275c; Expires=Tue, 29 Dec 2122 08:39:17 GMT; HttpOnly; Secure; SameSite=None
ETag: W/"3e-IgTE1B9m3A+oJwIV3c4plUCCqSY"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubdomains;
www.blog.help.avalon.ltd/css/fonts/slick.woff
190.115.31.101 200 OK 1.4 kB URL HTTP/2 www.blog.help.avalon.ltd/css/fonts/slick.woff
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format, CFF, length 1380, version 1.0
Hash b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Analyzer Verdict Alert fortinet Phishing
GET /css/fonts/slick.woff HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/slick-theme.css?ver=7.0.5
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:17 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "564-5bfc498e3ece9"
accept-ranges: bytes
content-length: 1380
access-control-allow-origin: *
content-type: application/font-woff
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/fonts/Raleway-MediumItalic.woff2
190.115.31.101 200 OK 45 kB URL HTTP/2 www.blog.help.avalon.ltd/fonts/Raleway-MediumItalic.woff2
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 45296, version 1.0
Hash c95275b9121288f20d942867a819db54
5ae478136cf067e04879cd0fe95f50b92cfe54fe
179250d2c8036a87550f242af9612fdf186def0cce83d58c1e2130df4246fc3e
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Raleway-MediumItalic.woff2 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/css/style.css?ver=7.3.0
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:17 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "b0f0-5bfc498e469eb"
accept-ranges: bytes
content-length: 45296
access-control-allow-origin: *
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 3cc20ce84aaba5d277a4c50595f8239d
eedc18d3d592b401edf1752a186bdcf3eaf908b5
11edd7f433724a490b318b5e4f044fcb7b9748c46964d0822fe9329077f8f75d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:34:36 GMT
ETag: "eedc18d3d592b401edf1752a186bdcf3eaf908b5"
Last-Modified: Sun, 22 Jan 2023 06:34:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1298
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa706d59b500-OSL
app.chaport.com/info/asset-name/js/insert-main?jsonpCallback=true
104.26.15.45 200 OK 1.0 kB URL HTTP/2 app.chaport.com/info/asset-name/js/insert-main?jsonpCallback=true
IP 104.26.15.45:0
File type ASCII text, with no line terminators
Hash 118843733538c0f61ee6523f4bda4744
574134971605eaa61c57550d8deb3a43d9d5bdf9
6bfa3ef59381792bf2964bc6835a531a399211728f1f1343cda601b9c89e57c6
GET /info/asset-name/js/insert-main?jsonpCallback=true HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:16 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
etag: W/"55-U02Zv+kkInXIwCOHJUqnZ6+W6t0"
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdTmUt1aYKFAHEs1cNDCG0qBsOblbau5UrIuLGr2pjioc9%2BpF%2BThtGcn1lIyyUSE3S2VmQV7gCtAwJv4Ee3TUbxnAsZhUzMcLf6eLRA9XeJ7v7H7%2BTlkOl%2F5TCil98WzsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d6fa697c8bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/favicon.png
190.115.31.101 200 OK 2.5 kB URL HTTP/2 www.blog.help.avalon.ltd/favicon.png
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash 3114ae21a83a774c1f681520524c8405
f590390d67288c6ac57d43974960efc8da3144b1
ba29bc2d7d94fa7becbb015d2cdf721301bf1a882e01e609e3624ac3dae6a867
GET /favicon.png HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6; chaport-5ec9725a1db3487e5211275c=0dc62474-b5db-452e-baa9-de7cdc591cb3%2Ff6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:17 GMT
last-modified: Mon, 12 Apr 2021 11:13:07 GMT
etag: "9be-5bfc499288cd5"
accept-ranges: bytes
content-length: 2494
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
anycomment.io/v2/comment/stream
54.38.116.42 200 OK 26 kB URL HTTP/2 anycomment.io/v2/comment/stream
IP 54.38.116.42:0
Hash 199f091f3871c08db24cdb8efac0f5a5
58246981f4dec6af998202c67705f266fcd2ec98
2889983e5376d8ce16fdf792b445691e6c2db9ccea41195249b0d9181601a93e
POST /v2/comment/stream HTTP/1.1
Host: anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 19
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-expose-headers:
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
vk.com/emoji/e/f09f918df09f8fbb.png
87.240.129.133 200 OK 531 B URL HTTP/2 vk.com/emoji/e/f09f918df09f8fbb.png
IP 87.240.129.133:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a02d807f14eb3ab63ffed499a7f92f0
2c16d28e4350ea2ec00d521ef86c9b44b7ec7245
62080827e711d8190b302b5bd13a6a8cc9a50960e0a97896ecfe2b87f897b9e8
GET /emoji/e/f09f918df09f8fbb.png HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/png
content-length: 531
last-modified: Tue, 21 Apr 2020 20:19:40 GMT
etag: "5e9f555c-213"
expires: Sun, 29 Jan 2023 08:39:17 GMT
cache-control: max-age=604800
x-frontend: front609304
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
accept-ranges: bytes
X-Firefox-Spdy: h2
app.chaport.com/assets/widget-6d829756c1f43a7cc353c006041d28ec.js
104.26.15.45 200 OK 142 kB URL HTTP/2 app.chaport.com/assets/widget-6d829756c1f43a7cc353c006041d28ec.js
IP 104.26.15.45:0
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Size 142 kB (142402 bytes)
Hash 6f8ae91a722aa381ed3b425d44cb51e2
d71d8ab3ff8bb70e60f670fbefffc23cc2d26e73
daae59aafffe04c489a3c3dd2b9ed5b6122732d5c9a58b4ed856494453d3d9e5
GET /assets/widget-6d829756c1f43a7cc353c006041d28ec.js HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 11:30:35 GMT
etag: W/"63849bdb-22c69"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
access-control-allow-origin: *
cf-cache-status: HIT
age: 4741254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZ%2FV%2FsvBCkfnCdKq0604ehIQra6rEq2qmV0SmMAkVIgzj1lzTBkM0t%2B0NFlxnOpUQy2mI%2Ft0dK96qUrSrILoBS8sLy1QF7rfqrtWpOKnB%2FSIHOPQL5DYU8xCwP6I42QW%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa706e37b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
vk.com/emoji/e/f09f9880.png
87.240.129.133 200 OK 556 B URL HTTP/2 vk.com/emoji/e/f09f9880.png
IP 87.240.129.133:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 19f584f55669554e9e8a579ff4426250
a75914161673b26a807206c408eff04c58055845
22e19eedb917cdb594fe89dec49323159e8ade2a761df1de58eb05d72bb181a8
GET /emoji/e/f09f9880.png HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/png
content-length: 556
last-modified: Tue, 21 Apr 2020 20:19:40 GMT
etag: "5e9f555c-22c"
expires: Sun, 29 Jan 2023 08:39:17 GMT
cache-control: max-age=604800
x-frontend: front609304
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
accept-ranges: bytes
X-Firefox-Spdy: h2
vk.com/emoji/e/f09f9889.png
87.240.129.133 200 OK 573 B URL HTTP/2 vk.com/emoji/e/f09f9889.png
IP 87.240.129.133:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 37cf59cfb55ebf00200b81c5c15bf906
04b25ea5e3e79b2dd28176fd7c57712587225fd1
f9e92fa85db42df8243730fcad8548e920a5136388eaaa675410379b362db3ef
GET /emoji/e/f09f9889.png HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/png
content-length: 573
last-modified: Tue, 21 Apr 2020 20:19:40 GMT
etag: "5e9f555c-23d"
expires: Sun, 29 Jan 2023 08:39:17 GMT
cache-control: max-age=604800
x-frontend: front609304
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
accept-ranges: bytes
X-Firefox-Spdy: h2
vk.com/emoji/e/f09fa497.png
87.240.129.133 200 OK 731 B URL HTTP/2 vk.com/emoji/e/f09fa497.png
IP 87.240.129.133:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5192590288f55e1117884aa62f523cc8
4a6d619d2f1d0d1029743c0a171ea5d20a8ee792
39434b1da86bd952b6d665d4941504b003beea3002674fb64bfe0d1b2184874a
GET /emoji/e/f09fa497.png HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/png
content-length: 731
last-modified: Tue, 21 Apr 2020 20:19:40 GMT
etag: "5e9f555c-2db"
expires: Sun, 29 Jan 2023 08:39:17 GMT
cache-control: max-age=604800
x-frontend: front609304
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
accept-ranges: bytes
X-Firefox-Spdy: h2
vk.com/emoji/e/f09f988a.png
87.240.129.133 200 OK 619 B URL HTTP/2 vk.com/emoji/e/f09f988a.png
IP 87.240.129.133:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 14b020fde8631f90c2d6e25b8f4e8cf5
f94243a1ab3d3a40cfa0186c403c5fdab886546d
7ea529a401353663d6be87e22ca92186220addadbc61109971daa845b4291bf2
GET /emoji/e/f09f988a.png HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/png
content-length: 619
last-modified: Tue, 21 Apr 2020 20:19:40 GMT
etag: "5e9f555c-26b"
expires: Sun, 29 Jan 2023 08:39:17 GMT
cache-control: max-age=604800
x-frontend: front609304
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119 200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Sun, 22 Jan 2023 08:39:17 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Sun, 22 Jan 2023 09:39:17 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
app.chaport.com/fonts/proxima_nova_regular.otf
104.26.15.45 200 OK 95 kB URL HTTP/2 app.chaport.com/fonts/proxima_nova_regular.otf
IP 104.26.15.45:0
File type OpenType font data\012- data
Hash 410504d49238e955ba7dc23a7f963021
28d04eb938c05b5158a69a709682d4f0517a59ab
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae
GET /fonts/proxima_nova_regular.otf HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: application/octet-stream
content-length: 94668
last-modified: Tue, 06 Jul 2021 07:09:16 GMT
etag: "60e4019c-171cc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
cache-control: max-age=315360000, public
access-control-allow-origin: null
cf-cache-status: HIT
age: 47601084
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBKsYs1yhTPD7%2B1gsnAqwYG8VQt5GUpY2M90ZCqppt%2FuxFx4C5Szyc7xTdynuy9R9zI1twoMQ%2FcHmL0SRA0rAOXfBMoJOpQ7U9yYH6iyV09IDZ%2BALsm8CZ7pm1shkhGMzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa715f75b509-OSL
X-Firefox-Spdy: h2
cdn.anycomment.io/2023/01/22/63ccc71cc2557.jpg
54.38.116.42 200 OK 1.4 kB URL HTTP/2 cdn.anycomment.io/2023/01/22/63ccc71cc2557.jpg
IP 54.38.116.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 60x60, components 3\012- data
Hash d94aa1fc8f7b7987f6e28033be1dda73
f204ece4791c46f5e5fa3fb73783b835f7da5984
65fe1660ff36674270785a41a850873577b7b990bc5bfbc248aefd5eeedfa358
GET /2023/01/22/63ccc71cc2557.jpg HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/jpeg
content-length: 1445
last-modified: Sun, 22 Jan 2023 05:18:20 GMT
etag: "63ccc71c-5a5"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/2022/06/16/62ab6b18653e6.jpg
54.38.116.42 200 OK 1.7 kB URL HTTP/2 cdn.anycomment.io/2022/06/16/62ab6b18653e6.jpg
IP 54.38.116.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 60x60, components 3\012- data
Hash c4a11072f046f81920381ef2531d838c
98a32fe7b3703af170b3464eb0f8160bf95726de
b1e87ebe11c9b29c0e5ce0cb00dd044aa268a6d42c05748c6b56cb024b4a7be8
GET /2022/06/16/62ab6b18653e6.jpg HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/jpeg
content-length: 1659
last-modified: Thu, 16 Jun 2022 17:40:40 GMT
etag: "62ab6b18-67b"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/uploaded/2023/01/22/712b2134-06a0-4cf1-b1ea-fbfc3eaac032.png
54.38.116.42 200 OK 5.3 kB URL HTTP/2 cdn.anycomment.io/uploaded/2023/01/22/712b2134-06a0-4cf1-b1ea-fbfc3eaac032.png
IP 54.38.116.42:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash d84fad80369b569c61c7822d0bb450fa
2827c27cfb783e623cab384eff28dd6ef6ba5c73
c10da930528ca444fcdd22620ae76b66c1a20208945013db45498eadc5bfff2c
GET /uploaded/2023/01/22/712b2134-06a0-4cf1-b1ea-fbfc3eaac032.png HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/png
content-length: 5272
last-modified: Sun, 22 Jan 2023 04:48:01 GMT
etag: "63ccc001-1498"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/uploaded/2023/01/22/c731537a-62c5-402c-a452-d6fcae87d3f4.png
54.38.116.42 200 OK 4.9 kB URL HTTP/2 cdn.anycomment.io/uploaded/2023/01/22/c731537a-62c5-402c-a452-d6fcae87d3f4.png
IP 54.38.116.42:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 793632fe4dfaf5d163e7c41f65e4baad
d5ff425fd19635c2f0e1202afc2bd838cf98d7c5
4bcd0249d63d1eda1b17ce503b1d85358da02fb5fa01b15923d2afa6feb8d0a3
GET /uploaded/2023/01/22/c731537a-62c5-402c-a452-d6fcae87d3f4.png HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/png
content-length: 4896
last-modified: Sun, 22 Jan 2023 04:48:07 GMT
etag: "63ccc007-1320"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/2022/07/07/62c73ca6884a1.jpg
54.38.116.42 200 OK 1.6 kB URL HTTP/2 cdn.anycomment.io/2022/07/07/62c73ca6884a1.jpg
IP 54.38.116.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 60x60, components 3\012- data
Hash 62bb720fb30a63af5ee476163764bb42
197f2c9789198758b49f34dbbe4be06cfc913901
0371cc64bece9b1c637416047a4c424719d4e03b43e5b7818784efc364a939c3
GET /2022/07/07/62c73ca6884a1.jpg HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/jpeg
content-length: 1623
last-modified: Thu, 07 Jul 2022 20:05:58 GMT
etag: "62c73ca6-657"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/uploaded/2023/01/21/8f70ceee-8929-40f4-8bf9-16be88f86ed7.jpg
54.38.116.42 200 OK 3.5 kB URL HTTP/2 cdn.anycomment.io/uploaded/2023/01/21/8f70ceee-8929-40f4-8bf9-16be88f86ed7.jpg
IP 54.38.116.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 150x150, components 3\012- data
Hash 9fa2df50e49c216bd6aa0c0740d35680
47c6ca2304e71b126c21f9ef834c34b948599726
4e949d4497ba3ce98203abee1dd8ba06f555a18a9093b0cfdf45447b93239b31
GET /uploaded/2023/01/21/8f70ceee-8929-40f4-8bf9-16be88f86ed7.jpg HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/jpeg
content-length: 3454
last-modified: Sat, 21 Jan 2023 19:44:50 GMT
etag: "63cc40b2-d7e"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/uploaded/2023/01/21/d452cacb-5e5f-4e8d-b9c9-df36963f5496.jpg
54.38.116.42 200 OK 2.4 kB URL HTTP/2 cdn.anycomment.io/uploaded/2023/01/21/d452cacb-5e5f-4e8d-b9c9-df36963f5496.jpg
IP 54.38.116.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 150x150, components 3\012- data
Hash ca40c10eef2781dc8cd7b1a51acd0b5c
95cd541970ef520468f54421a7e25c36aa0b7b36
da838f568b2d6ceceb24c3cd02ba6c208a8e404b7caad4d2e2e1445268eced98
GET /uploaded/2023/01/21/d452cacb-5e5f-4e8d-b9c9-df36963f5496.jpg HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/jpeg
content-length: 2400
last-modified: Sat, 21 Jan 2023 19:44:54 GMT
etag: "63cc40b6-960"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/2022/06/16/62ab599c9c09f.jpg
54.38.116.42 200 OK 985 B URL HTTP/2 cdn.anycomment.io/2022/06/16/62ab599c9c09f.jpg
IP 54.38.116.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 60x60, components 3\012- data
Hash 03e87b3dd78290f09bab80ec03a29eeb
23034c8e3d51b92def9d91833eb6cd1ccf9b518c
257b91d4a15145ae9c7b9330fc91f925e000e228e1200961e9827f2f9977099c
GET /2022/06/16/62ab599c9c09f.jpg HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/jpeg
content-length: 985
last-modified: Thu, 16 Jun 2022 16:26:04 GMT
etag: "62ab599c-3d9"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/uploaded/2023/01/21/f301de5f-6aba-4386-b046-e7ec4e18cd25.jpg
54.38.116.42 200 OK 3.3 kB URL HTTP/2 cdn.anycomment.io/uploaded/2023/01/21/f301de5f-6aba-4386-b046-e7ec4e18cd25.jpg
IP 54.38.116.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 150x150, components 3\012- data
Hash 1aeb7545e366f0bcdd40162218c13d77
3c01b6b926abdd1e00e2ac61c750769efa52ef0a
ef2d744458142c45eaebba7c59480e41dc87bda33384d93d7de57fc0b1b69894
GET /uploaded/2023/01/21/f301de5f-6aba-4386-b046-e7ec4e18cd25.jpg HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/jpeg
content-length: 3274
last-modified: Sat, 21 Jan 2023 15:51:53 GMT
etag: "63cc0a19-cca"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/uploaded/2023/01/21/7a751f77-e66a-499f-845e-2fd617ec4b88.jpg
54.38.116.42 200 OK 2.7 kB URL HTTP/2 cdn.anycomment.io/uploaded/2023/01/21/7a751f77-e66a-499f-845e-2fd617ec4b88.jpg
IP 54.38.116.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 150x150, components 3\012- data
Hash 73d0f92d698fd2d02b8bd068cc3d61ec
356fbfa6ed3b20dfb1d5414e46015288f06bcfae
afa9bdb1a3df28038fae4e4e67ae93bdcc918bbf301ce5c06f335dbb4f574a85
GET /uploaded/2023/01/21/7a751f77-e66a-499f-845e-2fd617ec4b88.jpg HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/jpeg
content-length: 2744
last-modified: Sat, 21 Jan 2023 15:52:03 GMT
etag: "63cc0a23-ab8"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.anycomment.io/2022/10/04/633c624447d24.jpg
54.38.116.42 200 OK 1.6 kB URL HTTP/2 cdn.anycomment.io/2022/10/04/633c624447d24.jpg
IP 54.38.116.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 60x60, components 3\012- data
Hash a4807925b813a7d69d003653c55f9bb3
bae035aa9fd25b26c554525aa5e11ff234ee2576
3e0b62cbf33d4caf132ff5c1d91719e4ba1c8f40372fb98093cab48f93c7d0ab
GET /2022/10/04/633c624447d24.jpg HTTP/1.1
Host: cdn.anycomment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: image/jpeg
content-length: 1610
last-modified: Tue, 04 Oct 2022 16:41:40 GMT
etag: "633c6244-64a"
expires: Fri, 27 Jan 2023 08:39:17 GMT
cache-control: max-age=432000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 154ec37108bafb389e9580c1706eda87
2633b723e9a4e3ccd22f59d1a86c7db3b08c7bce
600558e601365fc2bb2fbca059b9c26910fd4de8b0a7660fb517a3aa60225589
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:43:15 GMT
ETag: "2633b723e9a4e3ccd22f59d1a86c7db3b08c7bce"
Last-Modified: Sun, 22 Jan 2023 06:43:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa708908b511-OSL
app.chaport.com/uploads/operator-images/84210c03-f2ae-4bb6-acb1-987248478c0e.jpg
104.26.15.45 200 OK 20 kB URL HTTP/2 app.chaport.com/uploads/operator-images/84210c03-f2ae-4bb6-acb1-987248478c0e.jpg
IP 104.26.15.45:0
File type PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced\012- data
Hash ec914da727f7823b013476d241be7ec2
09412da3f787f3bf2fa1aed68990fac4e3c9a277
78ea815c69bae73509fc5aef2f73970d3fdb78ca98017aff716b377920a6c116
GET /uploads/operator-images/84210c03-f2ae-4bb6-acb1-987248478c0e.jpg HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/jpeg
content-length: 19601
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "622f4220-4c91"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 14 Mar 2022 13:24:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1601530
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b%2F%2B197BbOhK4iR7S8befQUSnRwAxvjHTNRDPAHWna8nWK6My2GVsGqmB0sCzYPdri1oV%2BOOwzJnNcSoezYlYwxc7YikK9xstMYQyeQDW%2By24%2Bjp60B0bhJHC5YaY9tlSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa71cfceb509-OSL
X-Firefox-Spdy: h2
app.chaport.com/uploads/operator-images/f2654233-f723-4096-a017-a66cd8819703.png
104.26.15.45 200 OK 30 kB URL HTTP/2 app.chaport.com/uploads/operator-images/f2654233-f723-4096-a017-a66cd8819703.png
IP 104.26.15.45:0
File type PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced\012- data
Hash 3b38f570e08dbe59a2f1ec61af8aa243
dea264d0949f1fe3c7086a6d1355a92a91023197
9af98994ce4d03e97f480115f92b008627861d710f71e515cf436daa01eb12b1
GET /uploads/operator-images/f2654233-f723-4096-a017-a66cd8819703.png HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/png
content-length: 29665
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "622f4253-73e1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 14 Mar 2022 13:25:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 188159
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHFr30mGYJNXjkoRJUem2v1fdRVngsz5%2B%2FQO7CYAaCqUcAC8xqryB1mAlXSkLM0NkSVOQz0UL%2B8TDDcwocHiHnyZJz3q%2F0Jz3JBKJbMHOcoMZPMqpQsa3Tbc9IYS2EmT0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa71dfd6b509-OSL
X-Firefox-Spdy: h2
app.chaport.com/uploads/operator-images/5fd07f8e-d036-4cbe-aa6d-88e79a8944ee.jpg
104.26.15.45 200 OK 27 kB URL HTTP/2 app.chaport.com/uploads/operator-images/5fd07f8e-d036-4cbe-aa6d-88e79a8944ee.jpg
IP 104.26.15.45:0
File type PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced\012- data
Hash 616981d3578773e6adf98719166b88fa
cc3f6d0b26a5c04dfecdf4766d29eed9fc160b46
48d9da5da1f1fe4266463b98cb33c7210dc17aa549912b911a43efd3d8231b87
GET /uploads/operator-images/5fd07f8e-d036-4cbe-aa6d-88e79a8944ee.jpg HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/jpeg
content-length: 26821
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "622f4223-68c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 14 Mar 2022 13:24:51 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 18802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh3jPaC%2F7Cp2vVKMKYXoikDDh4OJj%2BjaH2Y97s3KaeTgtoQOEIZSTldkYYYNT3xNyLEqYk25lcB6rOcsM4NTgh%2FIp%2FI2PVCMOjd8q0%2B15qoekLPGE6ihMf5auTckCDNarA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa71cfd1b509-OSL
X-Firefox-Spdy: h2
app.chaport.com/images/transfer-file-icon.png
104.26.15.45 200 OK 474 B URL HTTP/2 app.chaport.com/images/transfer-file-icon.png
IP 104.26.15.45:0
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 43adbd9e6f3b72c10364e0d933bfa673
5daf170af394fc991e7633b914c21b0e9b594e09
eea7e95ea79472742e9ab2168d7e1238ca37095e42e5f61e1da90ad7e3b7e23f
GET /images/transfer-file-icon.png HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.chaport.com/assets/widget-cf18e8608974f2af4cea9014e019ed0f.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/png
content-length: 474
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "63749274-1da"
expires: Fri, 10 Feb 2023 11:20:45 GMT
last-modified: Wed, 16 Nov 2022 07:34:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 940713
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q97rolA%2Bdexk4pwYxk9qSOuCojbajucw2BjqzZc2aPxlkc74B7VuAMQvbDThIv%2F06%2F4kgr4AQDNSV82HTJVtHKNV%2F7agGDIXkjFsgoG9wbe%2BVuIK7h7ZvR66uMyI3sHJSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa71dfe0b509-OSL
X-Firefox-Spdy: h2
app.chaport.com/images/emoji-icon.png
104.26.15.45 200 OK 436 B URL HTTP/2 app.chaport.com/images/emoji-icon.png
IP 104.26.15.45:0
File type PNG image data, 18 x 36, 8-bit colormap, non-interlaced\012- data
Hash 0e140d2d272da8497a2dadd258c835be
c95283be9cfaae500194fda8c7a0b4dcea9c4c25
a966349e876cdfb8cb9e99128d7d953afe173e1aa645c0989d424f9002dfd5b2
GET /images/emoji-icon.png HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.chaport.com/assets/widget-cf18e8608974f2af4cea9014e019ed0f.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/png
content-length: 436
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-bgj: imgq:100,h2pri
cf-polished: origSize=643
etag: "63749274-283"
expires: Fri, 10 Feb 2023 10:21:26 GMT
last-modified: Wed, 16 Nov 2022 07:34:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 944272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3OghDepzRjLYuKpIm3JoeFmGwe9KvY2BS8rjwZeUUFdaItim8fob4fnnAwZzi4GdVlcCVrf63Sp9xvE%2F6G9zODLcKoEqoGvV01bPXKhajI5aiDxkGgtbeu1Lw3pZ9LH8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa71efebb509-OSL
X-Firefox-Spdy: h2
vk.com/rtrg?p=VK-RTRG-516113-i8wEM&metatag_url=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&metatag_title=Avalon%20Technologies%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F
87.240.129.133 200 OK 65 B URL HTTP/2 vk.com/rtrg?p=VK-RTRG-516113-i8wEM&metatag_url=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&metatag_title=Avalon%20Technologies%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F
IP 87.240.129.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ec4341fe3a8b2c4880fbfe0ef9cde34f
a0947414eb426b2939ca1a05fc870763f6bfc63f
01229c58f8015c623259e635969b8520945e2e0de1927a1375d48ad0ce915463
GET /rtrg?p=VK-RTRG-516113-i8wEM&metatag_url=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&metatag_title=Avalon%20Technologies%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/gif
content-length: 65
x-powered-by: KPHP/7.4.113120
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Wed, 24 Jan 2024 06:07:52 GMT; path=/; domain=.vk.com
remixstlid=9069918362616166230_tcz5K2E2i8nxu4vJhLoXszGGH6T3h4oFhERYv8814bw; expires=Mon, 22 Jan 2024 08:39:18 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front609304
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
app.chaport.com/images/chaport-message-status-icons.png
104.26.15.45 200 OK 832 B URL HTTP/2 app.chaport.com/images/chaport-message-status-icons.png
IP 104.26.15.45:0
File type PNG image data, 54 x 18, 8-bit colormap, non-interlaced\012- data
Hash 88dd60a42c1dfcb2096b90824c0dd4bd
f45fa27733af3234fd2bb2d79f0fb6db739b9b81
5aabead9c89249c4cf91b8d3954e59e45322d1f65ce66488d1f2bfa90a75e7bc
GET /images/chaport-message-status-icons.png HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/png
content-length: 832
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-bgj: imgq:100,h2pri
cf-polished: origSize=858
etag: "63749274-35a"
expires: Wed, 01 Feb 2023 22:12:21 GMT
last-modified: Wed, 16 Nov 2022 07:34:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1679217
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToGVV3mhOP0IMyRHg%2B11YsA73tKn6w0k4BwSmWedJ1LvZTvs8xiAG2nPEHrUXw9CuguFWTn7yXRGid94aaTDO5glYnYoPV17nd%2FYxDXHfbgBjZqvpyYcO2kW4bXRj%2BEFjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa72c8d0b509-OSL
X-Firefox-Spdy: h2
app.chaport.com/images/chaport-message-status-icons@2x.png
104.26.15.45 200 OK 1.2 kB URL HTTP/2 app.chaport.com/images/chaport-message-status-icons@2x.png
IP 104.26.15.45:0
File type PNG image data, 108 x 36, 8-bit colormap, non-interlaced\012- data
Hash 06c110984b0e85b02185a1c349d8a9c3
9a3fdf88ffa3d1553ecef556fb5cead183cac087
9787df42797e3b5661b34a43f701ba8556bbb6199789acc19a902393851b3d09
GET /images/chaport-message-status-icons@2x.png HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/png
content-length: 1180
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1538
etag: "63749274-602"
expires: Fri, 10 Feb 2023 10:11:30 GMT
last-modified: Wed, 16 Nov 2022 07:34:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 944868
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUCmeZF1PmBAN5JP6HJ2IXV75%2Fl4G9y%2BECZHkGBhghZqIoGYUE%2Bi3sdwuD051r%2FRuXi975eDiiqAWkC%2FASOH20NeAawy0F8BRO1B1LUY0%2Fxu91ar5q6nB3J3B1JaPMGI7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa72c8d1b509-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/watch/64370971?wmode=7&page-url=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1674%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A534631148788%3Ahid%3A988112101%3Az%3A0%3Ai%3A20230122083917%3Aet%3A1674376757%3Ac%3A1%3Arn%3A719624990%3Arqn%3A1%3Au%3A1674376757324227447%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C305%2C214%2C0%2C448%2C0%2C%2C806%2C173%2C%2C%2C%2C1824%3Aco%3A0%3Ans%3A1674376753600%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376757%3At%3AAvalon%20Technologies%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119 302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/64370971?wmode=7&page-url=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1674%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A534631148788%3Ahid%3A988112101%3Az%3A0%3Ai%3A20230122083917%3Aet%3A1674376757%3Ac%3A1%3Arn%3A719624990%3Arqn%3A1%3Au%3A1674376757324227447%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C305%2C214%2C0%2C448%2C0%2C%2C806%2C173%2C%2C%2C%2C1824%3Aco%3A0%3Ans%3A1674376753600%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376757%3At%3AAvalon%20Technologies%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 9c8eff3fcbea6ef6c204880736d11c10
68cc756b8a93b02527cb68504686c3baefabdded
8203ca8552726748ca49e5a4f32c2c83dc36234e70cdfbe0ad41b0782946ff31
GET /watch/64370971?wmode=7&page-url=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1674%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A534631148788%3Ahid%3A988112101%3Az%3A0%3Ai%3A20230122083917%3Aet%3A1674376757%3Ac%3A1%3Arn%3A719624990%3Arqn%3A1%3Au%3A1674376757324227447%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C305%2C214%2C0%2C448%2C0%2C%2C806%2C173%2C%2C%2C%2C1824%3Aco%3A0%3Ans%3A1674376753600%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376757%3At%3AAvalon%20Technologies%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/64370971/1?wmode=7&page-url=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1674%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A534631148788%3Ahid%3A988112101%3Az%3A0%3Ai%3A20230122083917%3Aet%3A1674376757%3Ac%3A1%3Arn%3A719624990%3Arqn%3A1%3Au%3A1674376757324227447%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A3%2C305%2C214%2C0%2C448%2C0%2C%2C806%2C173%2C%2C%2C%2C1824%3Aco%3A0%3Ans%3A1674376753600%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376757%3At%3AAvalon%20Technologies%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 22 Jan 2023 08:39:18 GMT
access-control-allow-origin: https://www.blog.help.avalon.ltd
set-cookie: yabs-sid=807550751674376758; Path=/; SameSite=None; Secure
i=vx0y4BSRidNJHEpIlSFaHNLB5OEqGjnd2AKQpVniYwcHEtiFnYRA7IJiRwA70tA1xjqivdUkc/VvkIAGfIj9eUA/jNM=; Expires=Wed, 19-Jan-2033 08:39:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6332395181674376758; Expires=Mon, 22-Jan-2024 08:39:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6332395181674376758; Expires=Mon, 22-Jan-2024 08:39:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705912758.yc.1674376758#1705912758.yrts.1674376758#1705912758.yrtsi.1674376758; Expires=Mon, 22-Jan-2024 08:39:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:39:18 GMT
last-modified: Sun, 22-Jan-2023 08:39:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 22 Jan 2023 08:39:18 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sun, 22 Jan 2023 09:39:18 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 8796cb48be787446eca8decaa9c6caa7
77e625b133a54d5646c0f9cbea88ff4c6a386e3a
91e59a82ec9321556a6ad95c79dbba90384c5a14abb905680ec218a1b924f852
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:18 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:04:50 GMT
ETag: "77e625b133a54d5646c0f9cbea88ff4c6a386e3a"
Last-Modified: Sun, 22 Jan 2023 06:04:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2147
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa734c36b511-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash c5ea9fd2283c643b0d9073392e1cc798
ab1a319bf4087860565010964d63683e2ed7b126
20c17c9c03095419f4463d1b37203d85e11922cd0a118d1607623630326798b6
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:18 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 05:46:10 GMT
ETag: "ab1a319bf4087860565010964d63683e2ed7b126"
Last-Modified: Sun, 22 Jan 2023 05:46:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1054
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa742cfbb511-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash c5ea9fd2283c643b0d9073392e1cc798
ab1a319bf4087860565010964d63683e2ed7b126
20c17c9c03095419f4463d1b37203d85e11922cd0a118d1607623630326798b6
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:18 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 05:46:10 GMT
ETag: "ab1a319bf4087860565010964d63683e2ed7b126"
Last-Modified: Sun, 22 Jan 2023 05:46:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1054
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa743a4fb509-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash c5ea9fd2283c643b0d9073392e1cc798
ab1a319bf4087860565010964d63683e2ed7b126
20c17c9c03095419f4463d1b37203d85e11922cd0a118d1607623630326798b6
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:18 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 05:46:10 GMT
ETag: "ab1a319bf4087860565010964d63683e2ed7b126"
Last-Modified: Sun, 22 Jan 2023 05:46:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1054
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa743d04b511-OSL
yastatic.net/react/18.2.0/react-with-dom.min.js
178.154.131.217 200 OK 40 kB URL HTTP/2 yastatic.net/react/18.2.0/react-with-dom.min.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (945)
Hash 074d7c0ab0352d979572b757de8b9f0c
ca7dd3b86c5e8a750401b8d6d773a9cc3af55b81
46a06c3ec01cd4c5d5d8bb131febc48e3b1eeac94a47fe0718dfce6af821f83a
GET /react/18.2.0/react-with-dom.min.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: application/javascript
content-length: 40249
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: "074d7c0ab0352d979572b757de8b9f0c"
expires: Mon, 22 Jan 2024 14:27:15 GMT
last-modified: Mon, 20 Jun 2022 23:24:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: a8e9dbab34ecf049
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/islands/_/SmqPmIMEXrW4lOY8QrhTUVDbrro.woff
178.154.131.217 200 OK 52 kB URL HTTP/2 yastatic.net/islands/_/SmqPmIMEXrW4lOY8QrhTUVDbrro.woff
IP 178.154.131.217:0
File type Web Open Font Format, TrueType, length 52450, version 0.0\012- data
Hash 61e3af7f9e6ea0118dc2f83766e0bf97
8b9246058f96a39f565a0ba9d10fbffcc47e56f7
01f4ab55e3641572504a216d3d65256e9ed926584dba9495ce5ac4566aafde78
GET /islands/_/SmqPmIMEXrW4lOY8QrhTUVDbrro.woff HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yandex.ru/
Origin: https://yandex.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: application/font-woff
content-length: 52454
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: "61e3af7f9e6ea0118dc2f83766e0bf97"
expires: Mon, 22 Jan 2024 14:25:16 GMT
last-modified: Tue, 22 Jan 2019 17:14:44 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: b72d71ebc20390d8
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/islands/_/bIx8jOfCEfR-mECoDUEZywDBuHA.woff
178.154.131.217 200 OK 51 kB URL HTTP/2 yastatic.net/islands/_/bIx8jOfCEfR-mECoDUEZywDBuHA.woff
IP 178.154.131.217:0
File type Web Open Font Format, TrueType, length 50826, version 0.0\012- data
Hash a85019616e51b56f70d2c904193ac052
fe6ef362f9338af8a383d9458884af9716a34865
8d6f930257f9caa6f9df1769a151aac21cfdc181478b9992e87741beaef04bde
GET /islands/_/bIx8jOfCEfR-mECoDUEZywDBuHA.woff HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yandex.ru/
Origin: https://yandex.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: application/font-woff
content-length: 50830
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: "a85019616e51b56f70d2c904193ac052"
expires: Mon, 22 Jan 2024 14:24:33 GMT
last-modified: Tue, 22 Jan 2019 17:13:28 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 124e2635327c0f08
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/islands/_/KtHQR1erf3spayoIM4M4ngg0e2E.woff
178.154.131.217 200 OK 52 kB URL HTTP/2 yastatic.net/islands/_/KtHQR1erf3spayoIM4M4ngg0e2E.woff
IP 178.154.131.217:0
File type Web Open Font Format, TrueType, length 52370, version 0.0\012- data
Hash cfd09dfc3c59dfc2d3eff503fa7abd5a
1cf56448e351dc8474ebdba1d27d348be7d31980
77159f239b3c8dc274d1143538081a4c7e8ce94882a1055713468ab0f2708021
GET /islands/_/KtHQR1erf3spayoIM4M4ngg0e2E.woff HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yandex.ru/
Origin: https://yandex.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: application/font-woff
content-length: 52374
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: "cfd09dfc3c59dfc2d3eff503fa7abd5a"
expires: Mon, 22 Jan 2024 14:24:57 GMT
last-modified: Tue, 22 Jan 2019 17:00:46 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 55f9b4976a0d9627
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag_turbo.js
77.88.21.119 200 OK 31 kB URL HTTP/2 mc.yandex.ru/metrika/tag_turbo.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (567)
Hash 74587e0b500efd31289bee31fc0aa974
6fe8d96ad230ab424f5f1d485ae886871a17c43e
9580f07ac479dad99d1e2b4e786543e39af0bc77614d9da36b9c31b4e95c55bf
GET /metrika/tag_turbo.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 30848
date: Sun, 22 Jan 2023 08:39:18 GMT
access-control-allow-origin: *
etag: "63c93a4b-7880"
expires: Sun, 22 Jan 2023 09:39:18 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps/15995bd57457adc7d2f3.ru.js
178.154.131.217 200 OK 178 kB URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps/15995bd57457adc7d2f3.ru.js
IP 178.154.131.217:0
File type Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size 178 kB (177458 bytes)
Hash fff5188eee6265a8bb0aeb71310658b6
04987f6cf7e627d5ed45b6f8fae8f8182052da77
e233ac8c162733daf899a44562b38e1f062f3f33f964f3688674996aa7d99cf7
GET /s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/ymaps/15995bd57457adc7d2f3.ru.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"451f2bdb7e1b407f22dff2d941adae60"
expires: Mon, 22 Jan 2024 14:24:13 GMT
last-modified: Fri, 20 Jan 2023 13:27:07 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: facd416cf67c8b72
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0a24c7758cb7352873f97d9ee8f1427b
83803997e175857f78068d5fd0bda54a158e8c21
acbc543f08bd7f2ef5c8a83710806d04f695c960bb8bc431c55dc34c668d42f4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:38:00 GMT
ETag: "83803997e175857f78068d5fd0bda54a158e8c21"
Last-Modified: Sun, 22 Jan 2023 06:38:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 125
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa784a46b511-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0a24c7758cb7352873f97d9ee8f1427b
83803997e175857f78068d5fd0bda54a158e8c21
acbc543f08bd7f2ef5c8a83710806d04f695c960bb8bc431c55dc34c668d42f4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:38:00 GMT
ETag: "83803997e175857f78068d5fd0bda54a158e8c21"
Last-Modified: Sun, 22 Jan 2023 06:38:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 125
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa784e70b509-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0a24c7758cb7352873f97d9ee8f1427b
83803997e175857f78068d5fd0bda54a158e8c21
acbc543f08bd7f2ef5c8a83710806d04f695c960bb8bc431c55dc34c668d42f4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:38:00 GMT
ETag: "83803997e175857f78068d5fd0bda54a158e8c21"
Last-Modified: Sun, 22 Jan 2023 06:38:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 125
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa784e71b509-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0a24c7758cb7352873f97d9ee8f1427b
83803997e175857f78068d5fd0bda54a158e8c21
acbc543f08bd7f2ef5c8a83710806d04f695c960bb8bc431c55dc34c668d42f4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:38:00 GMT
ETag: "83803997e175857f78068d5fd0bda54a158e8c21"
Last-Modified: Sun, 22 Jan 2023 06:38:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 125
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa785a53b511-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0a24c7758cb7352873f97d9ee8f1427b
83803997e175857f78068d5fd0bda54a158e8c21
acbc543f08bd7f2ef5c8a83710806d04f695c960bb8bc431c55dc34c668d42f4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:39:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:38:00 GMT
ETag: "83803997e175857f78068d5fd0bda54a158e8c21"
Last-Modified: Sun, 22 Jan 2023 06:38:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 125
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6fa786e8fb509-OSL
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39599&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 21 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39599&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 4256cc8047273cebeb0729e5229bb719
919fcb9bd419d8183db414cb952f1d12ffe24bc8
590f39536816596313945603f67cae95f2d3bfcc901c89b6dc5ff5717cfe7bca
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39599&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 20793
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=PlEzNegSLaeuT7k8CHL2hHuYxosPKDcVXkrDjnp4vymPDsqYG534AIWUtyI=; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "4256cc8047273cebeb0729e5229bb719"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39600&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 19 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39600&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 49453ce59d3e353be77e5003309276c2
b62bea6546b3bad955c3b484e2ee6eaa861e3dfa
4626146e2ff2a924b2e0bc13f36823752534f931324875b5dc962f831d35645d
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39600&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 19199
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=QfoJra1zV+Mhk7+sySykReMQl9HDuoxtcNHVBNvazhzVkqIwwI7xqvyB2tyY; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "49453ce59d3e353be77e5003309276c2"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39601&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 17 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39601&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash e175fbc80deb13d0ee234be23a49e912
b9b3d7d823590663c46ec26151ac481dee9a9f43
fd3ddc86f9c1242d3837c305f943e9b43a1783519e44af7e49f1ee409f77bfb4
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39601&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 17316
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=1LCv7Z3EjKzF2r0BidDj7dglcgkGdYHulsv6yeBiwXcSY+kvmWlKtg6Gj+t5; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "e175fbc80deb13d0ee234be23a49e912"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
app.chaport.com/assets/i18n-en-1f090e0259c9478ed10bec4bb4e10c15.js
104.26.15.45 200 OK 54 kB URL HTTP/2 app.chaport.com/assets/i18n-en-1f090e0259c9478ed10bec4bb4e10c15.js
IP 104.26.15.45:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (640)
Hash 3c51eceff247d0912408ca15f5daf0b5
e1d4ef05f0ead90dddcf98e76695f2a6324afd0f
3f91db7836ad91f879006d8fc24116dc8b4ad65632a3596795dc40cfd7f28b84
GET /assets/i18n-en-1f090e0259c9478ed10bec4bb4e10c15.js HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 05:32:26 GMT
etag: W/"63c632ea-8efa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
access-control-allow-origin: *
cf-cache-status: HIT
age: 443112
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf8O39P7aZKIPKoxAoCw6uoafwFMwmE%2BXlA%2BOuF4k35pKZiVMhWrjYATMdd29n%2FBNLpLsG5%2Fu2%2BSZikpVEbYv3iUpcncaIi8TPjQthCHPRExR%2BEcs%2Bpyrf8CoB34caSxDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d6fa706e34b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39602&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 15 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39602&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 1e7751219777369662347b3d831f2a8b
2262c07e12fa7f685757cda71308e64f637b8217
69eed7a5f6912e502c1bfafc08effadbf841c4afdd97bff88d0d51e5f2e6ea2d
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39602&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 14960
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=Z5vyvMYW+QTKxi/iuqXG/k/svGU4DL/vzXZrJVzWiTohcK4fWbROv7MHpg==; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "1e7751219777369662347b3d831f2a8b"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39603&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 13 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39603&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 3c444e50c00a7adeab45f562bb9e7ef2
55c0974f1d4f06392f21716ec5016d9e0cb81afe
a3cb8c62740db3bfd8c54925ee71030336916f8aafe378d16063b990cc29f0ed
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39603&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 12839
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=RWaXfBxa+bFt0x83DpyA2fkFJ7Yvw9zKU30vdq2xF137aUpkn190ZKKSKTkJ; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "3c444e50c00a7adeab45f562bb9e7ef2"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39599&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 13 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39599&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 9b950b7c85900c74187df37b76f3a069
0dbe4602deb63504d0a6863839ae048817718e4a
16ff59d023d89bb6d5bb3178166ec63a89887336077d03c0334a6b06b968c02d
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39599&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 12848
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=FyUPV7oH8+D+wu9ImNPvPWRcYKRMpAsn1o6y+WU9LpAwXXu3Y77+Ytni3Zg=; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "9b950b7c85900c74187df37b76f3a069"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39603&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 18 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39603&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 34a01ecb829add932d55c9c676d481b4
f27d1961c7ccc36ea8ff3d8502e5fca0b3a29f0f
a814d6e41366e6082f9bb8e4fbad965435b18dfb4526f5ef6e33ce5d3847bba1
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39603&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 18155
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=HZ5lIpqvRXet5Zfir+9zjVs2KBTbVI6N+deMl+SUcT3hlpUcscJ1/cpMcPo=; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "34a01ecb829add932d55c9c676d481b4"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39599&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 16 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39599&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash f68606aa8b50e405eb1d589227b96e14
880762896080220300952b3c90a94ea56db2f794
ccf1ff7d8a7e2b787da6e9b1312a772e4a2afa154272996ff4a79964684596f7
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39599&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 16498
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=M5Y0k+PXPi+vkxU3EJztrIswU6ZdEHcGZKt3fXnUQqznqBDHV1Ip/oBvuSKX; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "f68606aa8b50e405eb1d589227b96e14"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39601&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 17 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39601&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 741f56272e2134a976602f3567f73611
cdce6305e9a9e4c525db879dbf4879ba3c32629b
15558a0303f0b4ec2ec0e88a2dfb6ea59ef3b30cad1355c790bc132e35634df8
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39601&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 17090
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=AGJDYxPNnFydpYCHRkmnJeF9Isv4Omb9qLA55uepRn3x6rFS4zFiyHq6dyZF; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "741f56272e2134a976602f3567f73611"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39602&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 17 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39602&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 4da92687f4e0f6f601aef4c09d44b171
4313a92caa274557fddd503f178a0013053573ca
66084dad292f7bf2b3ff3574ba5d4c30822223dc9483dcf91af7697794ba96ff
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39602&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 17205
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=lcb/Q/N6PY5La/AJh3sk4CutrYl2e2qTJh1easKN6VRDGo5Z+XN5rfx6CWMT; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "4da92687f4e0f6f601aef4c09d44b171"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39600&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 18 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39600&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 0df362709dc9cf0e7c9195551597201b
3111d6e2b83916079ffb5fec8d915e553c34fe66
9aa5d4f00199b32dc003aa97b111344a56a7ccbe36c0670420f7c8b70b68c7d8
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39600&y=20546&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 18371
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=QbMfKGKthGFx3JIl/XPDCCfhYA/4X76CCaBAbW0tNP4wP3zMesM8DNgGFZkS; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "0df362709dc9cf0e7c9195551597201b"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39600&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 18 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39600&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 8729eb785420a85407d2b4b069a1f427
ccf3f9991c76e16cdd48be8835dbed220a816b78
bdf4d0447bbd34aade96ce04c5b683e261becca6a889e47208daca4ecc724abe
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39600&y=20547&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 17450
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=QFY7e8KhMRW7+vcm68rX3CCPYO2nn2M91As7sf9Qddvq6UJ/n+EHIdWJqYo=; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "8729eb785420a85407d2b4b069a1f427"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39603&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 16 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39603&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash ae7838db90c9b3f477313d45920b212b
22bd61896bf8a04a501c548ab41cb77b94ce7cca
3741a128276eed31e18cb50dad97329f71f056d9f86f6801ee2c4131186d8c6e
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39603&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 16028
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=gv87nv6JFetH/W2MzhvRW+NXco9ptK1L+6J1ZLvZ3eCkJ8y5ftchGYYzDVc=; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "ae7838db90c9b3f477313d45920b212b"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39601&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled
87.250.251.89 200 OK 20 kB URL HTTP/2 core-renderer-tiles.maps.yandex.net/tiles?l=map&v=23.01.21-0-b221231112200&x=39601&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled
IP 87.250.251.89:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash 48f00541aa7e5a93b12cb6ef044baee6
a947b347fb70c7394338db1196973b828e5554cd
92c0001fa8b8316fc8f61529ebfc1f719fdfce0854cdb7bf5719a77f68549be6
GET /tiles?l=map&v=23.01.21-0-b221231112200&x=39601&y=20545&z=16&scale=1&lang=ru_RU&ads=enabled HTTP/1.1
Host: core-renderer-tiles.maps.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 19777
date: Sun, 22 Jan 2023 08:39:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=cr1w1Ol877VD23GprsmjYYHnBHnFcra7VRe1mIzYR62vV2OxjuLyA43Ox45e; domain=.yandex.net; path=/; expires=Wed, 19-Jan-2033 08:39:19 GMT; secure
etag: "48f00541aa7e5a93b12cb6ef044baee6"
cache-control: max-age=7654321
content-type: image/png
X-Firefox-Spdy: h2
mc.yandex.ru/watch/44120344/1?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083921%3Aet%3A1674376761%3Arn%3A246998870%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame
77.88.21.119 200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/44120344/1?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083921%3Aet%3A1674376761%3Arn%3A246998870%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame
IP 77.88.21.119:0
File type JSON data, ASCII text, with very long lines (419), with no line terminators
Hash 922cf99067541bce235dd68b2788fd52
f5a55d0b2f9a84293aa23c59543e025eb001dd82
edacd1275ab0dd1613314a1b3d4191e655bc175fbdfba21c0030bd0b4bd3bc59
GET /watch/44120344/1?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083921%3Aet%3A1674376761%3Arn%3A246998870%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Referer: https://yandex.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Sun, 22 Jan 2023 08:39:22 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://yandex.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:39:22 GMT
last-modified: Sun, 22-Jan-2023 08:39:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/44120344/1?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083918%3Aet%3A1674376758%3Arn%3A446476518%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C39%2C0%2C720%2C720%2C0%2C411%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame
77.88.21.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/44120344/1?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083918%3Aet%3A1674376758%3Arn%3A446476518%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C39%2C0%2C720%2C720%2C0%2C411%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/44120344/1?page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083918%3Aet%3A1674376758%3Arn%3A446476518%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C39%2C0%2C720%2C720%2C0%2C411%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Referer: https://yandex.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 22 Jan 2023 08:39:22 GMT
access-control-allow-origin: https://yandex.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:39:22 GMT
last-modified: Sun, 22-Jan-2023 08:39:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pro.fontawesome.com/releases/v5.7.2/css/all.css
104.18.23.52 200 OK 0 B URL HTTP/2 pro.fontawesome.com/releases/v5.7.2/css/all.css
IP 104.18.23.52:0
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:16 GMT
content-type: text/css
x-amz-id-2: RRBMZ7p2DLCGH9ryf9XoUUST9qd3VbLl+DEgC6NM+Y0HIqQP+Hk7ALTNWiuWqEL+FIJgsl/6e2I=
x-amz-request-id: MCXBFZR0SKKQVRGA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:36:14 GMT
etag: W/"8f17a5dd66766d27715ec7925ed120fe"
cache-control: max-age=31556926
cf-cache-status: HIT
server: cloudflare
cf-ray: 78d6fa649f750b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
yandex.ru/map-widget/v1/?lang=ru_RU&scroll=false&um=constructor%3Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc
77.88.55.77 200 OK 0 B URL HTTP/2 yandex.ru/map-widget/v1/?lang=ru_RU&scroll=false&um=constructor%3Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc
IP 77.88.55.77:0
GET /map-widget/v1/?lang=ru_RU&scroll=false&um=constructor%3Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: default-src 'self';connect-src 'self' yastatic.net *.yandex.net *.yandex.ru *.yandex.com *.yandex-team.ru yandex.ru yandex.ua yandex.com.tr yandex.com yandex.kz yandex.uz mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yandexmetrica.com:*;frame-src data: blob: https://yandex.ru *.yandex.ru https://*.yandex.net;img-src 'self' data: yastatic.net https://yandex.ru *.yandex.ru https://*.yandex.net *.yandex.net *.yandex.com *.yandex-team.ru mc.yandex.ru mc.yandex.az mc.yandex.ua mc.yandex.com.tr mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.uz mc.yandex.by mc.yandex.kz mc.yandex.kg mc.yandex.fr mc.yandex.tj mc.yandex.lv mc.yandex.lt mc.yandex.md mc.yandex.tm mc.yandex.ee yandex.ru yandex.ua yandex.com.tr yandex.com yandex.kz yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru;script-src 'self' 'unsafe-inline' 'unsafe-eval' yastatic.net *.yandex.net *.yandex.ru *.yandex.com *.yandex-team.ru https://*.yandex.net https://*.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.uz mc.webvisor.com mc.webvisor.org 'nonce-621bd26534804d37b0bdf13f7efc3a10';child-src 'self' data: blob: mc.yandex.ru yandex.st *.yandex.net *.yandex.ru *.yandex.com *.yandex-team.ru https://*.yandex.net https://*.yandex.ru;style-src 'self' blob: 'unsafe-inline' yandex.st yastatic.net yastat.net;font-src data: yandex.st *.yandex.net *.yandex.ru *.yandex.com *.yandex-team.ru yastatic.net;media-src data: yastatic.net *.yandex.net *.yandex.ru yandex.st yastat.net;report-uri 
https://csp.yandex.net/csp?from=map-widget&project=maps&yandexuid=1112182851674376758
vary: Accept-Encoding
date: Sun, 22 Jan 2023 08:39:18 GMT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
set-cookie: yandexuid=1112182851674376758; Path=/; Domain=.yandex.ru; Expires=Tue, 21 Jan 2025 08:39:18 GMT; SameSite=None; Secure
is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Tue, 21 Jan 2025 08:39:18 GMT; SameSite=None; Secure
is_gdpr_b=CPGsJRCjogEYAQ==; Path=/; Domain=.yandex.ru; Expires=Tue, 21 Jan 2025 08:39:18 GMT; SameSite=None; Secure
_yasc=/cE9g+8oYe9JZ1iFq0tVhxXVkry0jBuu0JHOJc2pP0zSRa4Jg1LzhYN/3i0E8/c=; domain=.yandex.ru; path=/; expires=Wed, 19-Jan-2033 08:39:18 GMT; secure
i=3WHb3iKZeNaYYgV6qbiR+amHggG/W1NgfaGJAgGymhagDuJMBh8InoFDPLVpTK7KCQuYwKh7Ig8TouxooHNQSd2oZOA=; Expires=Tue, 21-Jan-2025 08:39:18 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yashr=2524236621674376758; Path=/; Domain=.yandex.ru; Expires=Mon, 22 Jan 2024 08:39:18 GMT; SameSite=None; Secure; HttpOnly
x-xss-protection: 1; mode=block
x-yandex-req-id: 1674376758318235-514736620211218285-sas3-0783-515-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, proxy-revalidate
content-type: text/html; charset=utf-8
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/44120344?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083921%3Aet%3A1674376761%3Arn%3A246998870%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame
77.88.21.119 302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/44120344?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083921%3Aet%3A1674376761%3Arn%3A246998870%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame
IP 77.88.21.119:0
GET /watch/44120344?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083921%3Aet%3A1674376761%3Arn%3A246998870%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
location: /watch/44120344/1?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fmap-widget%2Fv1%2F%3Flang%3Dru_RU%26scroll%3Dfalse%26um%3Dconstructor%253Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&page-ref=https%3A%2F%2Fwww.blog.help.avalon.ltd%2F&nohit=1&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Avf%3A3glvv5bht7sch7hsi5u5e%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1122825569445%3Ahid%3A91519028%3Aphid%3A988112101%3Az%3A0%3Ai%3A20230122083921%3Aet%3A1674376761%3Arn%3A246998870%3Au%3A1674376758918874283%3Aw%3A1268x570%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1674376761%3At%3Amap%20frame
date: Sun, 22 Jan 2023 08:39:22 GMT
access-control-allow-origin: https://yandex.ru
set-cookie: yabs-sid=578945431674376762; Path=/; SameSite=None; Secure
i=JQ+I6OBn1b6ODmpgdbnhi1PmlUFXreNw8PEQzzmFTbk1NXCo8ndw9/c0vp4hSG8zsZ5MGz9clfYndtANqc3yY6xiFwI=; Expires=Wed, 19-Jan-2033 08:39:20 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3554303311674376762; Expires=Mon, 22-Jan-2024 08:39:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3554303311674376762; Expires=Mon, 22-Jan-2024 08:39:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705912762.yc.1674376762#1705912762.yrts.1674376762#1705912762.yrtsi.1674376762; Expires=Mon, 22-Jan-2024 08:39:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:39:22 GMT
last-modified: Sun, 22-Jan-2023 08:39:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/img/small-2doc.jpg
190.115.31.101 200 OK 0 B URL HTTP/2 www.blog.help.avalon.ltd/img/small-2doc.jpg
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
GET /img/small-2doc.jpg HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 21 Jan 2023 07:03:43 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: "21073-5bfc498e6dee1"
accept-ranges: bytes
content-length: 135283
content-type: image/jpeg
age: 92133
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/map-widget-base/096c691a83554efd68bb.ru.js
178.154.131.217 200 OK 0 B URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/map-widget-base/096c691a83554efd68bb.ru.js
IP 178.154.131.217:0
GET /s3/front-maps-static/maps-front-maps/build/client/map-widget/chunks/map-widget-base/096c691a83554efd68bb.ru.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yandex.ru
Connection: keep-alive
Referer: https://yandex.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"758125ef1f7d5917dbafaba73e504e26"
expires: Mon, 22 Jan 2024 14:28:13 GMT
last-modified: Fri, 20 Jan 2023 13:27:06 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 7a2b6d1454728cf5
X-Firefox-Spdy: h2
app.chaport.com/widget/show.html?appid=5ec9725a1db3487e5211275c&cid=0dc62474-b5db-452e-baa9-de7cdc591cb3&ctoken=f6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT&r=0.007179567807429121&ou=https%3A%2F%2Fwww.blog.help.avalon.ltd
104.26.15.45 200 OK 0 B URL HTTP/2 app.chaport.com/widget/show.html?appid=5ec9725a1db3487e5211275c&cid=0dc62474-b5db-452e-baa9-de7cdc591cb3&ctoken=f6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT&r=0.007179567807429121&ou=https%3A%2F%2Fwww.blog.help.avalon.ltd
IP 104.26.15.45:0
GET /widget/show.html?appid=5ec9725a1db3487e5211275c&cid=0dc62474-b5db-452e-baa9-de7cdc591cb3&ctoken=f6ynPw9mBjzuz847CTXQKMIbliZnoTwqlsrH6KuT&r=0.007179567807429121&ou=https%3A%2F%2Fwww.blog.help.avalon.ltd HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:17 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sisrzuhxk77mqxhsSzxKaOSXGIFVjzlVFuUTriMB02hzSJytWrjWAsr2QcvnEXATNErwUCx8411lqtHJz2FMn9cijGcIhJ8zx9AKnh1xkTJ3VkbyFxXgQ%2Fr6LDdXbHiWZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d6fa6fdda4b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/_/fd161c881e6392111418a1036fe1188e.svg
178.154.131.217 200 OK 0 B URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/_/fd161c881e6392111418a1036fe1188e.svg
IP 178.154.131.217:0
GET /s3/front-maps-static/maps-front-maps/_/fd161c881e6392111418a1036fe1188e.svg HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yandex.ru/
Origin: https://yandex.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"fd161c881e6392111418a1036fe1188e"
expires: Mon, 22 Jan 2024 14:26:10 GMT
last-modified: Fri, 03 Jul 2020 08:04:30 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: e989cdff990a4698
X-Firefox-Spdy: h2
www.blog.help.avalon.ltd/js/jquery-1.8.3.min.js?ver=7.0.7
190.115.31.101 200 OK 0 B URL HTTP/2 www.blog.help.avalon.ltd/js/jquery-1.8.3.min.js?ver=7.0.7
IP 190.115.31.101:0
ASN #262254 DDOS-GUARD CORP.
GET /js/jquery-1.8.3.min.js?ver=7.0.7 HTTP/1.1
Host: www.blog.help.avalon.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Cookie: __ddg1_=pienPr17gK0HzTyWo9Dm; PHPSESSID=gt1ikns57e3q0ioimucgb74ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 22 Jan 2023 08:39:16 GMT
last-modified: Mon, 12 Apr 2021 11:13:03 GMT
etag: W/"169b4-5bfc498e72d03"
accept-ranges: bytes
content-type: application/javascript
content-encoding: br
vary: Accept-Encoding
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
app.chaport.com/api/public/v1/account-essentials?language=
104.26.15.45 200 OK 0 B URL HTTP/2 app.chaport.com/api/public/v1/account-essentials?language=
IP 104.26.15.45:0
OPTIONS /api/public/v1/account-essentials?language= HTTP/1.1
Host: app.chaport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cp-app-id
Referer: https://www.blog.help.avalon.ltd/
Origin: https://www.blog.help.avalon.ltd
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:39:16 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-credentials: true
access-control-allow-origin: https://www.blog.help.avalon.ltd
access-control-allow-headers: Content-Type, cp-app-id
allow: GET,HEAD
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pxwxl%2BtWmxKI4KpdtBvlOqVM%2Bv3C8s%2Bs6gqlGehGmf2h9jNFigwvR1wrbK2rQ2jztR7v7S4iUTOSoYG3g%2BiGFwpKn2vdB3FU2j6Xa%2FvdWUSxUdb7tZ%2BqEreUe2oCdYcDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d6fa6a1d2db509-OSL
content-encoding: br
X-Firefox-Spdy: h2
api-maps.yandex.ru/services/constructor/1.0/js/?um=constructor%3Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&width=100%25&height=100%&lang=ru_RU&scroll=false
87.250.251.134 200 OK 0 B URL HTTP/2 api-maps.yandex.ru/services/constructor/1.0/js/?um=constructor%3Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&width=100%25&height=100%&lang=ru_RU&scroll=false
IP 87.250.251.134:0
GET /services/constructor/1.0/js/?um=constructor%3Af9717edffb09d6709c93e1d21cceab8c896de4302c0b02bebd03124da489cbdc&width=100%25&height=100%&lang=ru_RU&scroll=false HTTP/1.1
Host: api-maps.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
date: Sun, 22 Jan 2023 08:39:18 GMT
x-content-type-options: nosniff, nosniff
set-cookie: _yasc=qa5+/859hhWT5JkO6XVgIhWAkUaQCs2gylqjgEHl5veDoIzI9j48f0pj9T4=; domain=.yandex.ru; path=/; expires=Wed, 19-Jan-2033 08:39:18 GMT; secure
i=GIeIZOgLZOzq+lMViM1O3fGUMweve3litCzGy0Z5FU1jyzUeSf0KDyRIbdFiEQ6/jSO++Sk3AM7/dYCLy9ZYktQoanE=; Expires=Tue, 21-Jan-2025 08:39:18 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
etag: W/"4c52-0aHvr2AyDZZZRcWQyISZt8u5rzw"
x-xss-protection: 1; mode=block
content-encoding: gzip
content-type: application/javascript; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yastatic.net/s3/front-maps-static/maps-front-maps/static/v32/icons/core/logo-24.svg
178.154.131.217 200 OK 0 B URL HTTP/2 yastatic.net/s3/front-maps-static/maps-front-maps/static/v32/icons/core/logo-24.svg
IP 178.154.131.217:0
GET /s3/front-maps-static/maps-front-maps/static/v32/icons/core/logo-24.svg HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yandex.ru/
Origin: https://yandex.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:39:18 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"dfa85f8fef0925f34b0b5d39ad8ff1d3"
expires: Mon, 22 Jan 2024 14:24:39 GMT
last-modified: Mon, 10 Oct 2022 07:37:24 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 5caa511c809687c4
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
142.250.74.138 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
IP 142.250.74.138:0
GET /css2?family=Play:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blog.help.avalon.ltd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 08:39:15 GMT
date: Sun, 22 Jan 2023 08:39:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2