cs-legion.clan.su/load/8
195.216.243.130 301 Moved Permanently 178 B IP 195.216.243.130:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
GET /load/8 HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://cs-legion.clan.su/load/8
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2345
Expires: Sat, 26 Nov 2022 05:22:21 GMT
Date: Sat, 26 Nov 2022 04:43:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 439
Cache-Control: max-age=107717
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:43:16 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 10:38:33 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 04:19:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1444
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4573
Expires: Sat, 26 Nov 2022 05:59:29 GMT
Date: Sat, 26 Nov 2022 04:43:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: daRAJq3nykvER37R8v8wYVkwoYHE09gUay6EG0udoLBex2OBR0lR/8nt4jo3xIvhg0VZAk916LM=
x-amz-request-id: S8Y1GM82FKJN5V9X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 03:44:05 GMT
age: 3551
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:43:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cs-legion.clan.su/load/8
195.216.243.130 200 OK 21 kB IP 195.216.243.130:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1874)
Hash a5c3d5acdcd8d251dff354203a08fdbf
e18c798e5234bd0410622f7bfddd2f786dc8b3b1
5ce890a2e6833ade41203e255e598d352ebdf0862699d66320ba072fe65a1885
Analyzer Verdict Alert fortinet Phishing
GET /load/8 HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 6cs-legionuCoz=; path=/; expires=Thu, 26-Nov-2020 04:43:17 GMT; Secure; HttpOnly; domain=.cs-legion.clan.su
6cs-legionuCoz=; path=/; expires=Thu, 26-Nov-2020 04:43:17 GMT; Secure; HttpOnly; domain=.cs-legion.clan.su
6cs-legionuzll=1669437797; path=/; expires=Sun, 26-Nov-2023 04:43:17 GMT; Secure; domain=.cs-legion.clan.su
6cs-legionpushi=1; path=/; expires=Sun, 27-Nov-2022 03:43:17 GMT; Secure
Pragma: no-cache
Vary: host
Last-Modified: Sun, 19 Feb 2012 20:55:20 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
cs-legion.clan.su/?59JKIRiWkM4yaHK1zt94EBTHiOu4JxI6cY9PSXyCb3c6dXTkK6xS4%3B81Hv4cvLiAGPMbVlx7RG6x4YClAH%21aQz%5EC9y4%217C%3BaAa1ZxbuOfnnvayBZS7k8e945gXwAQI1VewF3RfOl0M%5ER0SVpOF%5ExkrKR0iUYwEtkJEMxBkVDwa2gxuf5rT0hhHTiB5ActTJb%5EmKwYaITuhVDu%3BcDuJKWe4VZTwoo
195.216.243.130 200 OK 1.2 kB URL HTTP/1.1 cs-legion.clan.su/?59JKIRiWkM4yaHK1zt94EBTHiOu4JxI6cY9PSXyCb3c6dXTkK6xS4%3B81Hv4cvLiAGPMbVlx7RG6x4YClAH%21aQz%5EC9y4%217C%3BaAa1ZxbuOfnnvayBZS7k8e945gXwAQI1VewF3RfOl0M%5ER0SVpOF%5ExkrKR0iUYwEtkJEMxBkVDwa2gxuf5rT0hhHTiB5ActTJb%5EmKwYaITuhVDu%3BcDuJKWe4VZTwoo
IP 195.216.243.130:0
Hash 6476de5f53cbf5e628d0aadf1a775d06
9b85687f0451f324d887b7c785cb20be785f5003
a3bb8205e84df20818e8c2f67233a90239ebeaa7c0ea3c3817740cc069601db7
Analyzer Verdict Alert fortinet Phishing
GET /?59JKIRiWkM4yaHK1zt94EBTHiOu4JxI6cY9PSXyCb3c6dXTkK6xS4%3B81Hv4cvLiAGPMbVlx7RG6x4YClAH%21aQz%5EC9y4%217C%3BaAa1ZxbuOfnnvayBZS7k8e945gXwAQI1VewF3RfOl0M%5ER0SVpOF%5ExkrKR0iUYwEtkJEMxBkVDwa2gxuf5rT0hhHTiB5ActTJb%5EmKwYaITuhVDu%3BcDuJKWe4VZTwoo HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
cs-legion.clan.su/_st/my.css
195.216.243.130 200 OK 568 B URL HTTP/1.1 cs-legion.clan.su/_st/my.css
IP 195.216.243.130:0
Hash d5d662b4e3bb7de70ccba7a21d410d6b
7a90f192fae61e04b5e75888a3eb02cdce9f274c
e273745ed93ec659eeaf8bf04e2dee7900b08258d5eeda9cd63966f597ba33d7
GET /_st/my.css HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2013 21:56:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"516882fc-9c1"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
cs-legion.clan.su/.s/src/base.min.css
195.216.243.130 200 OK 6.1 kB URL HTTP/1.1 cs-legion.clan.su/.s/src/base.min.css
IP 195.216.243.130:0
File type ASCII text, with very long lines (24443), with no line terminators
Hash 629527310ba26cfc236c016e14662321
7a87daed5934db9729f12653e67c8de9d4365d58
134e836199a74c0b501c4e1a46dd3625f4696dc608d1052136ee455c2c2d2509
GET /.s/src/base.min.css HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Oct 2022 13:44:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6345734a-5f7b"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
cs-legion.clan.su/?IAPiSQtFzXAqT7nZ2YHOUAjZ1blfUcraRUsieZrVuwmW4%3Be%5Ev2%3B6xsqVWQ0y%5ExH5XT9dj8%21QH8WAk2dh20HNTLe9%21nNA3YTLgOCt7%5ERQsrtWFkh%3BlAcY6YmJuCsVrxOm6uTWIXFOrGWZrhnT9WiY8H4mhezFULNzKf63%21st%5EwCx3n3UMSjCNwFZX1APfBtR1k6znwzrda%21HbaO71LhKN6G6thm03%5E%3Boo
195.216.243.130 200 OK 811 B URL HTTP/1.1 cs-legion.clan.su/?IAPiSQtFzXAqT7nZ2YHOUAjZ1blfUcraRUsieZrVuwmW4%3Be%5Ev2%3B6xsqVWQ0y%5ExH5XT9dj8%21QH8WAk2dh20HNTLe9%21nNA3YTLgOCt7%5ERQsrtWFkh%3BlAcY6YmJuCsVrxOm6uTWIXFOrGWZrhnT9WiY8H4mhezFULNzKf63%21st%5EwCx3n3UMSjCNwFZX1APfBtR1k6znwzrda%21HbaO71LhKN6G6thm03%5E%3Boo
IP 195.216.243.130:0
Hash 4a33e7cd7558f3f5a86d0fc27aee8c90
50fc0ad44d3917690997ca278091e53d0d575362
d6304d22c2821d367e3697cb9fa4e6dbeb093b8634fccd35312664d30d72b330
Analyzer Verdict Alert fortinet Phishing
GET /?IAPiSQtFzXAqT7nZ2YHOUAjZ1blfUcraRUsieZrVuwmW4%3Be%5Ev2%3B6xsqVWQ0y%5ExH5XT9dj8%21QH8WAk2dh20HNTLe9%21nNA3YTLgOCt7%5ERQsrtWFkh%3BlAcY6YmJuCsVrxOm6uTWIXFOrGWZrhnT9WiY8H4mhezFULNzKf63%21st%5EwCx3n3UMSjCNwFZX1APfBtR1k6znwzrda%21HbaO71LhKN6G6thm03%5E%3Boo HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
cs-legion.clan.su/.s/src/layer6.min.css
195.216.243.130 200 OK 5.3 kB URL HTTP/1.1 cs-legion.clan.su/.s/src/layer6.min.css
IP 195.216.243.130:0
File type ASCII text, with very long lines (22098), with no line terminators
Hash 2580ce15af347707c568243d05cb6810
fba774a14a47017071aae048807d212e37c1d04d
a78ab9553bd3baefd4148deb2aa641aa76f12729c341fbb9f05ad2c571391723
GET /.s/src/layer6.min.css HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Oct 2022 12:50:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"63456687-5652"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
cs-legion.clan.su/.s/src/jquery-1.12.4.min.js
195.216.243.130 200 OK 34 kB URL HTTP/1.1 cs-legion.clan.su/.s/src/jquery-1.12.4.min.js
IP 195.216.243.130:0
File type ASCII text, with very long lines (32077)
Hash eed194bd33958fd0768352b877915a40
db7a4073a53efb53155652219d948940efe6baa7
9eaac8a63f3851efef83bd151a558f6c8d8e6bb75c7725625cf8892b6312aa06
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/jquery-1.12.4.min.js HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/javascript
Last-Modified: Thu, 01 Sep 2022 17:43:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef5c-17b8b"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
cs-legion.clan.su/.s/src/ulightbox/ulightbox.min.js
195.216.243.130 200 OK 7.6 kB URL HTTP/1.1 cs-legion.clan.su/.s/src/ulightbox/ulightbox.min.js
IP 195.216.243.130:0
File type ASCII text, with very long lines (22291), with no line terminators
Hash 3bb3aaa5262067cec461b32298975b05
4e11bfe49cd05fcdbd1e692fc87788da07e62161
61fa91bb508bfda7ee487ffaf0e38aa71cfab1ce78bb108d6c6140dc9b35ab22
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/javascript
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-5713"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
cs-legion.clan.su/.s/src/ulightbox/ulightbox.min.css
195.216.243.130 200 OK 1.4 kB URL HTTP/1.1 cs-legion.clan.su/.s/src/ulightbox/ulightbox.min.css
IP 195.216.243.130:0
File type ASCII text, with very long lines (4552), with no line terminators
Hash 9c03edbcbefe3eea8902981444de96f7
ca39997a1765ab084fb7e6740858176b9385c4ca
8487aa6ee4bd261bdf1f5b681cf96d347cd980ed45183c5a2a9571db6c891a08
GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
cs-legion.clan.su/.s/src/social.css
195.216.243.130 200 OK 610 B URL HTTP/1.1 cs-legion.clan.su/.s/src/social.css
IP 195.216.243.130:0
File type ASCII text, with very long lines (442)
Hash af855dcd18719bcf0da15a9029755af1
d74d0ed8d96f2ebe46a7671564bf80eea6865103
9add1a323772a7c09260b63a21732472cb0204105c1d2bee763ea1429f0e26e9
GET /.s/src/social.css HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/css
Last-Modified: Wed, 01 Dec 2021 11:13:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"61a758f3-9b8"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
cs-legion.clan.su/enemy/strely.js
195.216.243.130 404 Not Found 2.7 kB URL HTTP/1.1 cs-legion.clan.su/enemy/strely.js
IP 195.216.243.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
Analyzer Verdict Alert fortinet Phishing
GET /enemy/strely.js HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
cs-legion.clan.su/enemy/cookieenemy.js
195.216.243.130 404 Not Found 2.7 kB URL HTTP/1.1 cs-legion.clan.su/enemy/cookieenemy.js
IP 195.216.243.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
Analyzer Verdict Alert fortinet Phishing
GET /enemy/cookieenemy.js HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
cs-legion.clan.su/.s/src/uwnd.min.js
195.216.243.130 200 OK 57 kB URL HTTP/1.1 cs-legion.clan.su/.s/src/uwnd.min.js
IP 195.216.243.130:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20adfead3a54ad11599adb1bab3d6fc6
23bb516448d5c643cb186ad9aec426388aa79dfd
b49b11429b509cf608a66bbcebc13cf63fa444b998c1a678d1bebfe33f7c2ff4
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/uwnd.min.js HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
s30.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.30685217236044
195.216.243.130 200 OK 0 B URL HTTP/1.1 s30.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.30685217236044
IP 195.216.243.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.30685217236044 HTTP/1.1
Host: s30.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ahmadyusrie.files.wordpress.com/2009/02/wallpaper_counterstrike_01.jpg
192.0.72.20 301 Moved Permanently 162 B URL HTTP/1.1 ahmadyusrie.files.wordpress.com/2009/02/wallpaper_counterstrike_01.jpg
IP 192.0.72.20:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2009/02/wallpaper_counterstrike_01.jpg HTTP/1.1
Host: ahmadyusrie.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ahmadyusrie.files.wordpress.com/2009/02/wallpaper_counterstrike_01.jpg
cs-legion.clan.su/.s/img/fr/ajax3.gif
195.216.243.130 200 OK 1.1 kB URL HTTP/1.1 cs-legion.clan.su/.s/img/fr/ajax3.gif
IP 195.216.243.130:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash d700ad83d0a3c70488805e3ed515bf15
2e48c5d8842adf6064eeb4d08cead686595dde40
9777513b1dee8fbb0942cc13160510ff06cd1e868bd5dd24d060930871443ce6
GET /.s/img/fr/ajax3.gif HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/gif
Content-Length: 1079
Last-Modified: Mon, 21 Nov 2022 12:37:42 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7116-437"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/enemy/foot.png
195.216.243.130 200 OK 570 B URL HTTP/1.1 cs-legion.clan.su/enemy/foot.png
IP 195.216.243.130:0
File type PNG image data, 60 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash bf010c21bf8e5c4a9b803300bd794b35
55ee9e5d0807c7029458d335a169c489f9fcd043
5b50e23bf94f30dccae174b87f6ac2bc11daa0168e40118e87e6ada2f63d0030
GET /enemy/foot.png HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/png
Content-Length: 570
Last-Modified: Thu, 02 Feb 2012 19:15:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4f2ae0ce-23a"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/enemy/block_foot.png
195.216.243.130 200 OK 1.7 kB URL HTTP/1.1 cs-legion.clan.su/enemy/block_foot.png
IP 195.216.243.130:0
File type PNG image data, 205 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash 7ec0a56b322f06be0133c80d52763c01
de5ffb20962ea38ae8dd86432994e567269b78ce
88074d1f16dc0cacfdf0c8fe0c4ce80c39378abb23df7d9d40cf32a2001865f5
GET /enemy/block_foot.png HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/png
Content-Length: 1671
Last-Modified: Thu, 02 Feb 2012 19:14:56 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4f2ae0b0-687"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/enemy/up.png
195.216.243.130 200 OK 3.3 kB URL HTTP/1.1 cs-legion.clan.su/enemy/up.png
IP 195.216.243.130:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 2021bfecac38efb29e62a19578ea0dfc
2faab958243c3ca4ec2ac4bf9537c7e2b3c1c4ee
73cc5a7c329dce8008a96b255ac7941b7811a6a82158a127d914d6b03bd45df3
GET /enemy/up.png HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/png
Content-Length: 3274
Last-Modified: Thu, 02 Feb 2012 19:15:57 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4f2ae0ed-cca"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/enemy/logo.png
195.216.243.130 200 OK 958 B URL HTTP/1.1 cs-legion.clan.su/enemy/logo.png
IP 195.216.243.130:0
File type PNG image data, 500 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash d7fe8b70abf6a368ae8684889fa5fa54
c90497981cb02bd4b6fdd49d0f1f5212da2d962f
7f1dc08a6f8f9b83c73662bf99d68f58a4ffc621f878f13d567fbd217330fb87
GET /enemy/logo.png HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/png
Content-Length: 958
Last-Modified: Thu, 02 Feb 2012 19:15:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4f2ae0ce-3be"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
photobucket.com/albums/f287/Tidus000/20061110-counterstrike16frontei5cop.jpg
54.230.111.114 301 Moved Permanently 167 B URL HTTP/1.1 photobucket.com/albums/f287/Tidus000/20061110-counterstrike16frontei5cop.jpg
IP 54.230.111.114:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/f287/Tidus000/20061110-counterstrike16frontei5cop.jpg HTTP/1.1
Host: photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://photobucket.com/albums/f287/Tidus000/20061110-counterstrike16frontei5cop.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bPjJLZrwFSIGrPoLD1Se7bRB4zUwpUOEfl4h079To9t_QolPxf1YXg==
Cache-Control: no-cache
server: Photobucket
Vary: Origin
cs-legion.clan.su/777.gif
195.216.243.130 200 OK 34 kB URL HTTP/1.1 cs-legion.clan.su/777.gif
IP 195.216.243.130:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash dd80fb5793077e0e58b923d7a3a921ee
e5cbe31ce35a7c400b8e84dd9fd5473017c058f7
9a44967b08a5d9b697ca56be3155a52eea863b4c19527aed1ed75b73837505e8
GET /777.gif HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/gif
Content-Length: 33736
Last-Modified: Sun, 12 Feb 2012 11:34:50 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4f37a3da-83c8"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
142.250.74.164 200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP 142.250.74.164:0
File type ASCII text, with very long lines (905), with no line terminators
Hash fe0e23ea2d335147e24f50690aa39c7c
ef74d6655ba8efb294f7ed55e6be16d315381edd
fcccb37edb611bf2580bf74646d25e4fb3660d305c66de3c8571bedfc2dac228
GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 26 Nov 2022 04:43:17 GMT
date: Sat, 26 Nov 2022 04:43:17 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
coolboys.at.ua/_ld/3/49846.jpg
193.109.246.15 301 Moved Permanently 178 B URL HTTP/1.1 coolboys.at.ua/_ld/3/49846.jpg
IP 193.109.246.15:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /_ld/3/49846.jpg HTTP/1.1
Host: coolboys.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://coolboys.at.ua/_ld/3/49846.jpg
X-Frame-Options: SAMEORIGIN
vkontre1.my1.ru/images/widget_logo.gif
193.109.246.56 301 Moved Permanently 178 B URL HTTP/1.1 vkontre1.my1.ru/images/widget_logo.gif
IP 193.109.246.56:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /images/widget_logo.gif HTTP/1.1
Host: vkontre1.my1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://vkontre1.my1.ru/images/widget_logo.gif
X-Frame-Options: SAMEORIGIN
www.csfight.net/img/cso/wallpaper_1_1280.jpg
5.187.5.214 401 Unauthorized 172 B URL HTTP/1.1 www.csfight.net/img/cso/wallpaper_1_1280.jpg
IP 5.187.5.214:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 28c5f434e4ab2e2a682400cb005fb08b
57b3c46199c99c6a3e6442a31519b097126c61fc
9371176869a945e2958e43b349397210a1b72b83f11c67e02e0be1f950254ef2
GET /img/cso/wallpaper_1_1280.jpg HTTP/1.1
Host: www.csfight.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 401 Unauthorized
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 172
Connection: keep-alive
WWW-Authenticate: Basic realm="Restricted Content"
qcs.su/img/monitoring-1.gif
92.53.96.174 301 Moved Permanently 169 B URL HTTP/1.1 qcs.su/img/monitoring-1.gif
IP 92.53.96.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
GET /img/monitoring-1.gif HTTP/1.1
Host: qcs.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh380.timeweb.ru/parking/?ref=qcs.su
ural-cs.clan.su/_ld/4/50839974.jpg
195.216.243.26 301 Moved Permanently 178 B URL HTTP/1.1 ural-cs.clan.su/_ld/4/50839974.jpg
IP 195.216.243.26:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /_ld/4/50839974.jpg HTTP/1.1
Host: ural-cs.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:19 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://ural-cs.clan.su/_ld/4/50839974.jpg
X-Frame-Options: SAMEORIGIN
csternopil.at.ua/1243023842_bfa7775673bd.jpg
195.216.243.25 301 Moved Permanently 178 B URL HTTP/1.1 csternopil.at.ua/1243023842_bfa7775673bd.jpg
IP 195.216.243.25:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /1243023842_bfa7775673bd.jpg HTTP/1.1
Host: csternopil.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://csternopil.at.ua/1243023842_bfa7775673bd.jpg
X-Frame-Options: SAMEORIGIN
cs-legion.clan.su/enemy/strely.js
195.216.243.130 404 Not Found 2.7 kB URL HTTP/1.1 cs-legion.clan.su/enemy/strely.js
IP 195.216.243.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
Analyzer Verdict Alert fortinet Phishing
GET /enemy/strely.js HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
www.uaplay.com/images/files/wimg_2202_1.jpg
81.177.140.11 403 Forbidden 592 B URL HTTP/1.1 www.uaplay.com/images/files/wimg_2202_1.jpg
IP 81.177.140.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (504), with no line terminators
Hash f87a84c6321648091e45721b7943b28d
f00ff8b890ef4ae2a1fc0dd011da57bda92a72ba
cab55a9f0f425c2becdde45e26c62f111f2bc039fb7d3b600dfa141fb32e10d1
GET /images/files/wimg_2202_1.jpg HTTP/1.1
Host: www.uaplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 592
Connection: keep-alive
csomsk.ru/1-ucoz/news-new/123.png
195.216.243.23 200 OK 792 B URL HTTP/1.1 csomsk.ru/1-ucoz/news-new/123.png
IP 195.216.243.23:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 26a36c5119cbdcc64ebade2c5f8c389d
b27a1189715248aee5d8b8e3f15c9ca93ad8ccc3
6d2c6a179add2f39a67fe52b2159c17834c7587034cba3e3d54f532341805c6e
GET /1-ucoz/news-new/123.png HTTP/1.1
Host: csomsk.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:15 GMT
Content-Type: image/png
Content-Length: 792
Last-Modified: Fri, 25 Mar 2011 07:13:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d8c40ac-318"
Expires: Fri, 16 Dec 2022 04:43:15 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/CS_KapTuHKu/1326309576_86193546.jpg
195.216.243.130 200 OK 103 kB URL HTTP/1.1 cs-legion.clan.su/CS_KapTuHKu/1326309576_86193546.jpg
IP 195.216.243.130:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x640, components 3\012- data
Size 103 kB (102591 bytes)
Hash 2f252fb521c92f369991bf287c721639
ec677a5c702610154807ad2e8a586aa153755baf
afaa084f926c230c6a128a462db0f0e2cb13d014e75615abebc22eda72666752
GET /CS_KapTuHKu/1326309576_86193546.jpg HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/jpeg
Content-Length: 102591
Last-Modified: Sun, 19 Feb 2012 10:36:56 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4f40d0c8-190bf"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
radikal.ua/data/upload/4efc3/0fccf/adf5d988e9.gif
138.201.173.78 302 Found 0 B URL HTTP/1.1 radikal.ua/data/upload/4efc3/0fccf/adf5d988e9.gif
IP 138.201.173.78:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /data/upload/4efc3/0fccf/adf5d988e9.gif HTTP/1.1
Host: radikal.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Date: Sat, 26 Nov 2022 04:43:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.1.33
Location: https://ua.snapsnap.io/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cs-legion.clan.su/mchat/
195.216.243.130 200 OK 6.0 kB IP 195.216.243.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (506)
Hash d7018a038ffc9faf705f351e1f3fca30
dce8fbd889dd6ab840aa641134cf1729df1b1a2e
83b144972ad083a5ec6aa1e76e4ad552e101bc0512e1ab1a2309a84488a68eba
Analyzer Verdict Alert fortinet Phishing
GET /mchat/ HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 6cs-legionuCoz=; path=/; expires=Thu, 26-Nov-2020 04:43:17 GMT; Secure; HttpOnly; domain=.cs-legion.clan.su
Pragma: no-cache
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
www.csfight.net/img/cso/wallpaper_1_1280.jpg
5.187.5.214 401 Unauthorized 172 B URL HTTP/1.1 www.csfight.net/img/cso/wallpaper_1_1280.jpg
IP 5.187.5.214:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 28c5f434e4ab2e2a682400cb005fb08b
57b3c46199c99c6a3e6442a31519b097126c61fc
9371176869a945e2958e43b349397210a1b72b83f11c67e02e0be1f950254ef2
GET /img/cso/wallpaper_1_1280.jpg HTTP/1.1
Host: www.csfight.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 401 Unauthorized
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 172
Connection: keep-alive
WWW-Authenticate: Basic realm="Restricted Content"
cs-legion.clan.su/enemy/cookieenemy.js
195.216.243.130 404 Not Found 2.7 kB URL HTTP/1.1 cs-legion.clan.su/enemy/cookieenemy.js
IP 195.216.243.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash 7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16
Analyzer Verdict Alert fortinet Phishing
GET /enemy/cookieenemy.js HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
www.permvelikaya.ru/wp-content/uploads/2009/07/cs.jpg
82.146.44.71 301 Moved Permanently 264 B URL HTTP/1.1 www.permvelikaya.ru/wp-content/uploads/2009/07/cs.jpg
IP 82.146.44.71:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e6b8900d03392ab39827577b536efba8
7b5c5300ed5441d40403d3bbc7e9c9e7f636edd7
b9bae3ae78b8ad04d2152d92626bc1bd25d69de14e11eca0c91196dc2eb37278
GET /wp-content/uploads/2009/07/cs.jpg HTTP/1.1
Host: www.permvelikaya.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 04:43:17 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Location: http://permvelikaya.ru/wp-content/uploads/2009/07/cs.jpg
Content-Length: 264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
cs-legion.clan.su/.s/img/icon/social/fb.svg
195.216.243.130 200 OK 611 B URL HTTP/1.1 cs-legion.clan.su/.s/img/icon/social/fb.svg
IP 195.216.243.130:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash d178cc46dcbcf2b6f19445674fe3fe58
26f9747489d9e796926f7bbe11817c420afda3af
a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf
Analyzer Verdict Alert fortinet Phishing
GET /.s/img/icon/social/fb.svg HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/.s/src/social.css
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/svg+xml
Content-Length: 611
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-263"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
lifeless-team.ucoz.ru/knopka.GIF
195.216.243.218 301 Moved Permanently 178 B URL HTTP/1.1 lifeless-team.ucoz.ru/knopka.GIF
IP 195.216.243.218:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /knopka.GIF HTTP/1.1
Host: lifeless-team.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://lifeless-team.ucoz.ru/knopka.GIF
X-Frame-Options: SAMEORIGIN
immortal-tm.ucoz.ru/Config/lose_cw.png
195.216.243.221 301 Moved Permanently 178 B URL HTTP/1.1 immortal-tm.ucoz.ru/Config/lose_cw.png
IP 195.216.243.221:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /Config/lose_cw.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://immortal-tm.ucoz.ru/Config/lose_cw.png
X-Frame-Options: SAMEORIGIN
immortal-tm.ucoz.ru/Config/nich_cw.png
195.216.243.221 301 Moved Permanently 178 B URL HTTP/1.1 immortal-tm.ucoz.ru/Config/nich_cw.png
IP 195.216.243.221:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /Config/nich_cw.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://immortal-tm.ucoz.ru/Config/nich_cw.png
X-Frame-Options: SAMEORIGIN
immortal-tm.ucoz.ru/Config/add_cw.png
195.216.243.221 301 Moved Permanently 178 B URL HTTP/1.1 immortal-tm.ucoz.ru/Config/add_cw.png
IP 195.216.243.221:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /Config/add_cw.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://immortal-tm.ucoz.ru/Config/add_cw.png
X-Frame-Options: SAMEORIGIN
cs-strikez.clan.su/imeges/csstrikez88.gif
193.109.246.46 200 OK 54 kB URL HTTP/1.1 cs-strikez.clan.su/imeges/csstrikez88.gif
IP 193.109.246.46:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 88 x 31\012- data
Hash d2ddb55552d30ac95410a7399f16a02d
49d21f60082ea3b92044f20a44808a9a036d6d37
8d48c160ef0c873d67721d2e057a55fbbc62560e7d415c6dc87f356be58ef03d
GET /imeges/csstrikez88.gif HTTP/1.1
Host: cs-strikez.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/gif
Content-Length: 54135
Last-Modified: Thu, 21 Jan 2010 14:46:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5868d7-d377"
Expires: Fri, 16 Dec 2022 04:43:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-strikez.clan.su/_ld/34/91973963.png
193.109.246.46 200 OK 52 kB URL HTTP/1.1 cs-strikez.clan.su/_ld/34/91973963.png
IP 193.109.246.46:0
ASN #204343 Compubyte Limited
File type PNG image data, 425 x 176, 8-bit/color RGB, non-interlaced\012- data
Hash 39c7d80254b654cdefc4c0027ca060be
4f762274cfe509794c26ade2a7ebd93eeee286fe
b3f1c8d266174328c485c8d21eeca3936bbad8b90311316d21bdb17fd7c649cc
GET /_ld/34/91973963.png HTTP/1.1
Host: cs-strikez.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/png
Content-Length: 51641
Last-Modified: Sat, 19 Nov 2011 09:04:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4ec7710b-c9b9"
Expires: Fri, 16 Dec 2022 04:43:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
immortal-tm.ucoz.ru/Config/add_clan.png
195.216.243.221 301 Moved Permanently 178 B URL HTTP/1.1 immortal-tm.ucoz.ru/Config/add_clan.png
IP 195.216.243.221:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /Config/add_clan.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://immortal-tm.ucoz.ru/Config/add_clan.png
X-Frame-Options: SAMEORIGIN
cs-legion.clan.su/?VdS86dM68%21n0OU3%5ET0QzhD1uSkdpmLXyvMx9aGpdAd1f4IegyIPOWh9e%3BszFlfK4ivizzYrkwe6Tlbj2d1jUkM%21QdaeU
195.216.243.130 200 OK 800 B URL HTTP/1.1 cs-legion.clan.su/?VdS86dM68%21n0OU3%5ET0QzhD1uSkdpmLXyvMx9aGpdAd1f4IegyIPOWh9e%3BszFlfK4ivizzYrkwe6Tlbj2d1jUkM%21QdaeU
IP 195.216.243.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 84818fa8ddb832157c904b7d1014ac6e
2778f5c3a050fc23ddd178131d2462e750545b2a
e2b790a0b7e4a8fd905333ccca596908c3803ccc24d7997c85fcd0383ccef2d6
Analyzer Verdict Alert fortinet Phishing
GET /?VdS86dM68%21n0OU3%5ET0QzhD1uSkdpmLXyvMx9aGpdAd1f4IegyIPOWh9e%3BszFlfK4ivizzYrkwe6Tlbj2d1jUkM%21QdaeU HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip
cs-monitor.ru/images/banner-1.gif
77.222.54.210 301 Moved Permanently 169 B URL HTTP/1.1 cs-monitor.ru/images/banner-1.gif
IP 77.222.54.210:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd6987d71fad7058a993a9028dc40454
3ed872fa3a00837bb008ad9d201850e2ea57a79f
f0e759f444eb3a324b621f0548919424455e81441d42ea6bc6bcd2b24fce1b92
GET /images/banner-1.gif HTTP/1.1
Host: cs-monitor.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx/1.16.1
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cs-monitor.ru:443/images/banner-1.gif
cs-strikez.clan.su/_ld/48/23288121.jpg
193.109.246.46 200 OK 81 kB URL HTTP/1.1 cs-strikez.clan.su/_ld/48/23288121.jpg
IP 193.109.246.46:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 600x800, components 3\012- data
Hash 684c1b4e44f0092703a5399d590c4775
888b838780887148e36290eb0a35fcd781064e72
cf1ce7ea182d386eda792604d2f0dbe66046f933dc5e4e7671026c6d228fe136
GET /_ld/48/23288121.jpg HTTP/1.1
Host: cs-strikez.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/jpeg
Content-Length: 80856
Last-Modified: Sat, 31 Dec 2011 09:22:05 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4efed43d-13bd8"
Expires: Fri, 16 Dec 2022 04:43:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
clun-legionteam.narod.ru/default.jpg
193.109.247.227 200 OK 83 kB URL HTTP/1.1 clun-legionteam.narod.ru/default.jpg
IP 193.109.247.227:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Hash 8a49c30337505104a8d97be5dca4e63a
c7564d1cb48e9f794c592998c504a82037632f3a
ea21c7353f88eed242ca3cdffcb6b2f6c5c601fc94101f683daea7246c97564f
GET /default.jpg HTTP/1.1
Host: clun-legionteam.narod.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/jpeg
Content-Length: 82892
Last-Modified: Fri, 05 Apr 2013 19:52:22 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "515f2b76-143cc"
Accept-Ranges: bytes
permvelikaya.ru/wp-content/uploads/2009/07/cs.jpg
82.146.44.71 404 Not Found 580 B URL HTTP/1.1 permvelikaya.ru/wp-content/uploads/2009/07/cs.jpg
IP 82.146.44.71:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (316)
Hash e8f2eec286462a50a247e511de3551ae
9c3a62e2f58aa1888184fbf3991fb7d1e54ab096
4fdd8279481bedb55e6264739889881245c0835861121a5ee9b3d87a06ae2f3a
GET /wp-content/uploads/2009/07/cs.jpg HTTP/1.1
Host: permvelikaya.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 04:43:17 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 580
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
immortal-tm.ucoz.ru/Config/win_cw.png
195.216.243.221 301 Moved Permanently 178 B URL HTTP/1.1 immortal-tm.ucoz.ru/Config/win_cw.png
IP 195.216.243.221:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
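Hash cd2e0e43980a00fb6a2742d3afd803b8 (this MD5 and the SHA-1 and SHA-256 on the next two lines are digests of the 178 B HTML body of the 301 redirect, not of win_cw.png)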
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /Config/win_cw.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://immortal-tm.ucoz.ru/Config/win_cw.png
X-Frame-Options: SAMEORIGIN
cs-legion.clan.su/.s/src/uwnd.min.js?2
195.216.243.130 200 OK 57 kB URL HTTP/1.1 cs-legion.clan.su/.s/src/uwnd.min.js?2
IP 195.216.243.130:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20adfead3a54ad11599adb1bab3d6fc6
23bb516448d5c643cb186ad9aec426388aa79dfd
b49b11429b509cf608a66bbcebc13cf63fa444b998c1a678d1bebfe33f7c2ff4
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/uwnd.min.js?2 HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/mchat/
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
s30.ucoz.net/adv/dummy/000/css/style.css
195.216.243.130 200 OK 1.6 kB URL HTTP/1.1 s30.ucoz.net/adv/dummy/000/css/style.css
IP 195.216.243.130:0
Hash 50406c447ccad47ca9e5d53eff612ffb
16e3921585135a87a1066689c9c67a312d96c92d
01a0732bba96fb38be885a1d233fecf52e32c7e07e48cd05f6f07a3690ea304c
GET /adv/dummy/000/css/style.css HTTP/1.1
Host: s30.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Mar 2019 14:28:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5c9a36fb-19eb"
Content-Encoding: gzip
ahmadyusrie.files.wordpress.com/2009/02/wallpaper_counterstrike_01.jpg
192.0.72.20 200 OK 156 kB URL HTTP/2 ahmadyusrie.files.wordpress.com/2009/02/wallpaper_counterstrike_01.jpg
IP 192.0.72.20:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1024x768, components 3\012- data
Size 156 kB (156229 bytes)
Hash bb55cc61791ca70b215ce9c77bef86bb
ec151080f777a05435ad409d4b85a3f465541303
501f749c0a6e7f75c67c5b72b8ef48b67bc3108ea43ed81d17e93a5e5f6f3397
GET /2009/02/wallpaper_counterstrike_01.jpg HTTP/1.1
Host: ahmadyusrie.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:43:17 GMT
content-type: image/jpeg
content-length: 156229
last-modified: Sat, 21 Feb 2009 07:29:04 GMT
expires: Sun, 01 Jan 2023 10:04:38 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://ahmadyusrie.wordpress.com
vary: Origin
x-nc: MISS arn 20 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cs-real.com/uploads/posts/2010-11/1290776665_44.jpeg
23.110.224.178 403 Forbidden 0 B URL HTTP/1.1 cs-real.com/uploads/posts/2010-11/1290776665_44.jpeg
IP 23.110.224.178:0
ASN #395954 LEASEWEB-USA-LAX-11
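Hash d41d8cd98f00b204e9800998ecf8427e (this MD5 and the SHA-1 and SHA-256 on the next two lines are the digests of empty input, since the 403 response carried a 0 B body; they match any empty file and are not usable as indicators)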
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/posts/2010-11/1290776665_44.jpeg HTTP/1.1
Host: cs-real.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 403 Forbidden
Transfer-Encoding: chunked
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 26 Nov 2022 04:43:16 GMT
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ce91b8ecb2fbc580ea86b07a5be1123
3a8deac871a345616f13dac75b09dcad4bbabbe3
3fb5551e56e660c3737c96cc0d3a4841ee750dc08764d608cd3afa07dbbd874b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3FB5551E56E660C3737C96CC0D3A4841EE750DC08764D608CD3AFA07DBBD874B"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17128
Expires: Sat, 26 Nov 2022 09:28:45 GMT
Date: Sat, 26 Nov 2022 04:43:17 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
151.101.86.133 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.86.133:0
Hash edc3bbf5917aeb5dc2bff06c26d54024
1e697ac0c287dfbf0f07e4b10b43440d62383171
8da5cec2fa849038dabea4e235fedc79bc4e70c3b462a15e82c033cedd5c4b55
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 30 Nov 2022 03:57:00 GMT
ETag: "1e697ac0c287dfbf0f07e4b10b43440d62383171"
Last-Modified: Sat, 26 Nov 2022 03:57:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 26 Nov 2022 04:43:17 GMT
Age: 2776
X-Served-By: cache-qpg1250-QPG, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 2
X-Timer: S1669437798.712251,VS0,VE0
cs-legion.clan.su/.s/img/icon/social/u.svg
195.216.243.130 200 OK 612 B URL HTTP/1.1 cs-legion.clan.su/.s/img/icon/social/u.svg
IP 195.216.243.130:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1e726893f02be39b70d24d502a3a9998
98c6fcf43a67426ed7e9c7a839e8115494ca8072
d0608cf0c4aff79f20a198427f7df73300d643face9bea72b8d406b432b84df9
Analyzer Verdict Alert fortinet Phishing
GET /.s/img/icon/social/u.svg HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/.s/src/social.css
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/svg+xml
Content-Length: 612
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-264"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/.s/img/icon/social/vk.svg
195.216.243.130 200 OK 772 B URL HTTP/1.1 cs-legion.clan.su/.s/img/icon/social/vk.svg
IP 195.216.243.130:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 7c4eb8cae0b565c023c4406add5f8041
079ce5d3277df672b57a73476a28d0bf0b1c1fe2
05a3f8587400860aa87bb18c9a9cd5b22a45ca4fc4a37a7922d29e48549b2fc9
Analyzer Verdict Alert fortinet Phishing
GET /.s/img/icon/social/vk.svg HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/.s/src/social.css
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/svg+xml
Content-Length: 772
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-304"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/.s/img/icon/social/ya.svg
195.216.243.130 200 OK 660 B URL HTTP/1.1 cs-legion.clan.su/.s/img/icon/social/ya.svg
IP 195.216.243.130:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 7676c3eee5bd955efe08fd05367a443b
595e4e8dbf5ff472606434d0f45806d088de4c0c
b72d3f61ac56b4aa27bad5769589705004aff1f0ad341785ca72dc46ba16de5b
Analyzer Verdict Alert fortinet Phishing
GET /.s/img/icon/social/ya.svg HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/.s/src/social.css
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/svg+xml
Content-Length: 660
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-294"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/.s/img/icon/social/gp.svg
195.216.243.130 200 OK 550 B URL HTTP/1.1 cs-legion.clan.su/.s/img/icon/social/gp.svg
IP 195.216.243.130:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (534), with no line terminators
Hash 10d296226de121de55180e5b1b7d9d49
5980293f4f290734d09459d068a8c3996e43fe40
a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d
Analyzer Verdict Alert fortinet Phishing
GET /.s/img/icon/social/gp.svg HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/.s/src/social.css
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/svg+xml
Content-Length: 550
Last-Modified: Fri, 01 Feb 2019 12:57:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c544236-226"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/.s/img/icon/social/ok.svg
195.216.243.130 200 OK 1.9 kB URL HTTP/1.1 cs-legion.clan.su/.s/img/icon/social/ok.svg
IP 195.216.243.130:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 08bbc2fa9b08463b0d061041d62b408e
370c53ccc3edd296cd35fb9e3de20dabfdae78d9
e1369586f1d82834ecc0ccab2f5f1a6f7565f2c715243d956bd7eb1404c8fba9
Analyzer Verdict Alert fortinet Phishing
GET /.s/img/icon/social/ok.svg HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/.s/src/social.css
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/svg+xml
Content-Length: 1858
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-742"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-legion.clan.su/.s/img/stars/3/12.png
195.216.243.130 200 OK 1.2 kB URL HTTP/1.1 cs-legion.clan.su/.s/img/stars/3/12.png
IP 195.216.243.130:0
File type PNG image data, 12 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 350693463200bbe9388eec7d1a208289
9a310a7dd3c068636b224d253e0df9ce09784df2
aa22bfd07d6d73ee1e2fc304bf81625c716e83f81e1dfc044560b54595bdec28
GET /.s/img/stars/3/12.png HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/png
Content-Length: 1161
Last-Modified: Mon, 21 Nov 2022 12:37:43 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b7117-489"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs-strikez.clan.su/_ld/34/48773922.png
193.109.246.46 200 OK 313 kB URL HTTP/1.1 cs-strikez.clan.su/_ld/34/48773922.png
IP 193.109.246.46:0
ASN #204343 Compubyte Limited
File type PNG image data, 565 x 800, 8-bit/color RGBA, interlaced\012- data
Size 313 kB (312792 bytes)
Hash 65a697969b12305faccc7daa351a6bf7
74200aca70cf6ad945c7caf6b365e456a8b1f6e0
286ff309b4d5ee4a8759023eca12ea883df38a542b1566de60f96af44ba37d97
GET /_ld/34/48773922.png HTTP/1.1
Host: cs-strikez.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/png
Content-Length: 312792
Last-Modified: Sat, 19 Nov 2011 20:23:23 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4ec8103b-4c5d8"
Expires: Fri, 16 Dec 2022 04:43:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
img507.imageshack.us/img507/6960/image004l.jpg
38.99.77.17 404 Not Found 168 B URL HTTP/1.1 img507.imageshack.us/img507/6960/image004l.jpg
IP 38.99.77.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 341d15013ba4391483b2d5e34cbc5c5c
986399b390a9aaa9a33e459099aaf9f1dbc227ab
376f5045e4dd8bf68ac9e374518a01c18b2fdf76344f2cc08cac143acc4f3cb8
GET /img507/6960/image004l.jpg HTTP/1.1
Host: img507.imageshack.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx/1.2.8
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 04:08:54 GMT
cache-control: public,max-age=3600
age: 2063
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
142.250.74.33 200 OK 60 kB URL HTTP/2 themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
IP 142.250.74.33:0
File type Web Open Font Format, TrueType, length 60332, version 1.1\012- data
Hash 0d6d6ae28614efe13ec053eaeef473c1
20cd1c419ba0763bb4bbb1435bc0aed00452af2e
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1
GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cs-legion.clan.su
Connection: keep-alive
Referer: https://s30.ucoz.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 60332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 15:09:24 GMT
expires: Wed, 22 Nov 2023 15:09:24 GMT
cache-control: public, max-age=31536000
age: 308033
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ural-cs.clan.su/_ld/4/50839974.jpg
195.216.243.26 200 OK 23 kB URL HTTP/1.1 ural-cs.clan.su/_ld/4/50839974.jpg
IP 195.216.243.26:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 400x267, components 3\012- data
Hash 90ce285bc02363c8b96f516bffa10be0
dff402703c950d06148e629797c31978ebb5c032
8e29965ce3e79c59f93dcf0e2ec73e66b67021a08833df4d4f7096afd6dc662c
GET /_ld/4/50839974.jpg HTTP/1.1
Host: ural-cs.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:19 GMT
Content-Type: image/jpeg
Content-Length: 22690
Last-Modified: Wed, 23 Nov 2011 06:54:20 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4ecc989c-58a2"
Expires: Fri, 16 Dec 2022 04:43:19 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
csternopil.at.ua/1243023842_bfa7775673bd.jpg
195.216.243.25 200 OK 38 kB URL HTTP/1.1 csternopil.at.ua/1243023842_bfa7775673bd.jpg
IP 195.216.243.25:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 63615ac46ca2849631898951dfa4ce5f
ff2a2d4168c2fe49f4a03be5f048600123aa3bfc
531bad3d6f9c48fb1770a2a86de5f298765d498227824560ea74047b642b6f8b
GET /1243023842_bfa7775673bd.jpg HTTP/1.1
Host: csternopil.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/jpeg
Content-Length: 37707
Last-Modified: Sat, 23 Jan 2010 18:13:57 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4b5b3c65-934b"
Expires: Fri, 16 Dec 2022 04:43:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
immortal-tm.ucoz.ru/Config/lose_cw.png
195.216.243.221 200 OK 15 kB URL HTTP/1.1 immortal-tm.ucoz.ru/Config/lose_cw.png
IP 195.216.243.221:0
File type PNG image data, 160 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash c8d7d72638ab98651c5fa4cefe2627db
8a0f8c5a7ae1fd4960ccefe7fa184232f8ba0cf7
62198070526bf5d56bd1b53ea4b7c304e7c6f70a9553d8c4f40f09c7d2e0a06a
GET /Config/lose_cw.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: image/png
Content-Length: 15246
Last-Modified: Mon, 31 Jan 2011 11:23:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d469bae-3b8e"
Expires: Fri, 16 Dec 2022 04:43:16 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3378
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:43:17 GMT
Last-Modified: Sat, 26 Nov 2022 03:46:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
s30.ucoz.net/adv/dummy/000/img/ucoz-logo.png
195.216.243.130 200 OK 4.6 kB URL HTTP/1.1 s30.ucoz.net/adv/dummy/000/img/ucoz-logo.png
IP 195.216.243.130:0
File type PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 14d37a3409afc2c450c62b97bc8019da
43fc12bf16a292d6d10b17ab7d1e37785288858c
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2
GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1
Host: s30.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/png
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fb-11e9"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b265dffaa2c792174b252208015f7d47
024e33c2d6f604830e1cffb8d15644902586ab9c
0f542a9c56088e4286617e5669f380cd54a8a7f2c0ade9f8b35bd9ccd80fd984
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F542A9C56088E4286617E5669F380CD54A8A7F2C0ADE9F8B35BD9CCD80FD984"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10405
Expires: Sat, 26 Nov 2022 07:36:42 GMT
Date: Sat, 26 Nov 2022 04:43:17 GMT
Connection: keep-alive
vkontre1.my1.ru/images/widget_logo.gif
193.109.246.56 200 OK 225 B URL HTTP/1.1 vkontre1.my1.ru/images/widget_logo.gif
IP 193.109.246.56:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 16 x 16\012- data
Hash cea3a8bd41bdda2b98d25d5df2385861
4830c5071ceb98144ece98e082544e62f7e4c41a
bd28daf0ad08ee9818275e530eff1774b61a3ab78a43a80e2cf2fe39d6eb7ac7
GET /images/widget_logo.gif HTTP/1.1
Host: vkontre1.my1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/gif
Content-Length: 225
Last-Modified: Wed, 09 Nov 2011 15:18:56 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4eba99e0-e1"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b265dffaa2c792174b252208015f7d47
024e33c2d6f604830e1cffb8d15644902586ab9c
0f542a9c56088e4286617e5669f380cd54a8a7f2c0ade9f8b35bd9ccd80fd984
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F542A9C56088E4286617E5669F380CD54A8A7F2C0ADE9F8B35BD9CCD80FD984"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10405
Expires: Sat, 26 Nov 2022 07:36:42 GMT
Date: Sat, 26 Nov 2022 04:43:17 GMT
Connection: keep-alive
www.csomsk.ru/mini-chat/info.gif
195.216.243.23 200 OK 89 B URL HTTP/1.1 www.csomsk.ru/mini-chat/info.gif
IP 195.216.243.23:0
File type GIF image data, version 89a, 10 x 10\012- data
Hash ddac7bc3057a339cc70e15da890de5e3
218f4cac568bdde47c24d70d2e526e14f513391a
76cfadc12cdade92528f9b00bb29b291a4e646a594989a9b4c8a94267d05b80d
GET /mini-chat/info.gif HTTP/1.1
Host: www.csomsk.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: image/gif
Content-Length: 89
Last-Modified: Wed, 29 Jun 2011 13:48:45 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e0b2d3d-59"
Expires: Fri, 16 Dec 2022 04:43:16 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
lifeless-team.ucoz.ru/knopka.GIF
195.216.243.218 503 Service Temporarily Unavailable 2.7 kB URL HTTP/1.1 lifeless-team.ucoz.ru/knopka.GIF
IP 195.216.243.218:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash e99578218dd27c7e8e7b5a57c1bf2ba6
908e638455ea17a20bffdee117a2c1685be6c3e9
dff140cc09066810492d8bb2d4ce03cb7b9a0a736a4e8d5e132caec0374e022a
GET /knopka.GIF HTTP/1.1
Host: lifeless-team.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
rot.spotsniper.ru/?src=ujs6
31.172.81.159 200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6 HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
immortal-tm.ucoz.ru/Config/win_cw.png
195.216.243.221 200 OK 14 kB URL HTTP/1.1 immortal-tm.ucoz.ru/Config/win_cw.png
IP 195.216.243.221:0
File type PNG image data, 160 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 2145014b1521d4958e44bf89a1662838
61d892455c1ffbba02983a6ffd18b0ef04af1ee2
2596add815ce8537eacb673a39c07a1158bdd24f0b8fa3196c2ea4e21c391d5e
GET /Config/win_cw.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: image/png
Content-Length: 14039
Last-Modified: Mon, 31 Jan 2011 11:12:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d469930-36d7"
Expires: Fri, 16 Dec 2022 04:43:16 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rot.spotsniper.ru/?src=ujs6&s_subid=btn
31.172.81.159 200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6&s_subid=btn
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6&s_subid=btn HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
immortal-tm.ucoz.ru/Config/add_cw.png
195.216.243.221 200 OK 14 kB URL HTTP/1.1 immortal-tm.ucoz.ru/Config/add_cw.png
IP 195.216.243.221:0
File type PNG image data, 160 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 4568ccc382bf04281303d46e975fa24e
88c77c38a027b37b32c2f5e54db777c93cebf535
bf816fc8ebf10f995991715b0f1abfdbcc89bc74457b1e5a58eb9a18d1a96c81
GET /Config/add_cw.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: image/png
Content-Length: 14233
Last-Modified: Mon, 31 Jan 2011 11:51:35 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d46a247-3799"
Expires: Fri, 16 Dec 2022 04:43:16 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
s30.ucoz.net/adv/dummy/000/img/bg.gif
195.216.243.130 200 OK 1.3 kB URL HTTP/1.1 s30.ucoz.net/adv/dummy/000/img/bg.gif
IP 195.216.243.130:0
File type GIF image data, version 89a, 485 x 3\012- data
Hash b19967d808ed7c42b41316d6c8474f55
18d80748bd4041b13a3373a429281ec65347a0e2
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50
GET /adv/dummy/000/img/bg.gif HTTP/1.1
Host: s30.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s30.ucoz.net/adv/dummy/000/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/gif
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a36fb-4f4"
Accept-Ranges: bytes
immortal-tm.ucoz.ru/Config/add_clan.png
195.216.243.221 200 OK 15 kB URL HTTP/1.1 immortal-tm.ucoz.ru/Config/add_clan.png
IP 195.216.243.221:0
File type PNG image data, 160 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash b8c6458f37c32d2e4aaee17d84da095c
9eada9b8b13eef0da183468b193ac7cfbd4c3f03
59b1a2d549a0afb88d6bbde442e88904898c36948c591df72189f3711a4ba703
GET /Config/add_clan.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: image/png
Content-Length: 14648
Last-Modified: Mon, 31 Jan 2011 11:47:28 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d46a150-3938"
Expires: Fri, 16 Dec 2022 04:43:16 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash e7f67f191cc1d7370a3077361d017f05
990eadc9426fa5afeef1fcf4d8f81b72a3334afa
fcdae37563b3687e8566f065c747071a6a1db8a42f8875ab00b62c04ae1796e0
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 30 Nov 2022 02:25:56 GMT
ETag: "990eadc9426fa5afeef1fcf4d8f81b72a3334afa"
Last-Modified: Sat, 26 Nov 2022 02:25:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3357
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fff65dd830b527-OSL
immortal-tm.ucoz.ru/Config/nich_cw.png
195.216.243.221 200 OK 18 kB URL HTTP/1.1 immortal-tm.ucoz.ru/Config/nich_cw.png
IP 195.216.243.221:0
File type PNG image data, 160 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 37cc047e807e9f036f4dcedb5de705a1
1ac1c0e3ef6bf217cd80d14332c8b103e753ccb4
e1edb1c1e7ecc040d10a94e3afe73fa8aa0331c42b3be6f2d983da080b8e50a9
GET /Config/nich_cw.png HTTP/1.1
Host: immortal-tm.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:16 GMT
Content-Type: image/png
Content-Length: 18147
Last-Modified: Mon, 31 Jan 2011 12:26:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d46aa68-46e3"
Expires: Fri, 16 Dec 2022 04:43:16 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
push.services.mozilla.com/
52.89.255.30 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vI+jIDc/KVkpAgruDmO2Sw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xim72VPC30O4BpdM4bzEZ00jGSM=
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash af43126cc06724ac32856aef59def889
e31035ebad2372dbbd645f3f6be177164f8be058
1547d940ae68b047d9e565218d64b2ce3f70d363bd1991c1373227d7e4408bd4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128528
Date: Sat, 26 Nov 2022 04:43:17 GMT
Etag: "6380ec75-1d7"
Expires: Sun, 27 Nov 2022 16:25:25 GMT
Last-Modified: Fri, 25 Nov 2022 16:25:25 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wXQ7X1f_-qPi1knWYste2DqXBe6o2LogcYeluNhj0lWqcs3d8zTCTw==
counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//cs-legion.clan.su/load/8;s1280*1024*24;uhttps%3A//cs-legion.clan.su/%3FVdS86dM68%2521n0OU3%255ET0QzhD1uSkdpmLXyvMx9aGpdAd1f4IegyIPOWh9e%253BszFlfK4ivizzYrkwe6Tlbj2d1jUkM%2521QdaeU;1669437797211
88.212.202.52 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//cs-legion.clan.su/load/8;s1280*1024*24;uhttps%3A//cs-legion.clan.su/%3FVdS86dM68%2521n0OU3%255ET0QzhD1uSkdpmLXyvMx9aGpdAd1f4IegyIPOWh9e%253BszFlfK4ivizzYrkwe6Tlbj2d1jUkM%2521QdaeU;1669437797211
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoz_topline_worldwide?rhttps%3A//cs-legion.clan.su/load/8;s1280*1024*24;uhttps%3A//cs-legion.clan.su/%3FVdS86dM68%2521n0OU3%255ET0QzhD1uSkdpmLXyvMx9aGpdAd1f4IegyIPOWh9e%253BszFlfK4ivizzYrkwe6Tlbj2d1jUkM%2521QdaeU;1669437797211 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Thu, 25 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
coolboys.at.ua/_ld/3/49846.jpg
193.109.246.15 200 OK 108 kB URL HTTP/1.1 coolboys.at.ua/_ld/3/49846.jpg
IP 193.109.246.15:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2009:03:06 14:49:20], baseline, precision 8, 307x460, components 3\012- data
Size 108 kB (107693 bytes)
Hash 2bc0a81643e0e9941bcc858f0cd1bd67
db92969c54875cb373220c7649edabefaea9ec95
4af6408d5253ebbc9103fe45352d9280dc9a33a2ac31866049685110eefa19a6
GET /_ld/3/49846.jpg HTTP/1.1
Host: coolboys.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/jpeg
Content-Length: 107693
Last-Modified: Fri, 06 Mar 2009 12:50:29 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "49b11c15-1a4ad"
Expires: Fri, 16 Dec 2022 04:43:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3205dfaacdd129fff726b0340dd598bb
01fe03d2ce2b74a6d5096ad3a333d2474e316599
5bca23de7f70d1f09bb3d19fea9aec735561486ae76f76f54c5092683805a778
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BCA23DE7F70D1F09BB3D19FEA9AEC735561486AE76F76F54C5092683805A778"
Last-Modified: Thu, 24 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Sat, 26 Nov 2022 10:43:09 GMT
Date: Sat, 26 Nov 2022 04:43:18 GMT
Connection: keep-alive
cs-monitor.ru/images/banner-1.gif
77.222.54.210 200 OK 3.5 kB URL HTTP/1.1 cs-monitor.ru/images/banner-1.gif
IP 77.222.54.210:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash 4a981dcd758767cd6e54ce07e3c298a2
c9a1f0894c49a6159602b770691a61f5ea1c2d29
04628371f81d11ebaf2c5437b6c8e5d827ac5304ebe2842933a61f74c1543a3d
GET /images/banner-1.gif HTTP/1.1
Host: cs-monitor.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/gif
Content-Length: 3508
Last-Modified: Fri, 31 Aug 2018 20:45:16 GMT
Connection: keep-alive
ETag: "5b89a8dc-db4"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
ua.snapsnap.io/
104.21.46.37 200 OK 3.8 kB IP 104.21.46.37:0
Hash 19f59b510765ceee2e4881bc9ca55ce8
55013bd3cd1dc5637ecbf28ae6cd033dff3a2167
52264adda552394a710050b03227867a66108ca23c727b986dd366436f111ac2
GET / HTTP/1.1
Host: ua.snapsnap.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 04:43:18 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
link: <https://ua.snapsnap.io/wp-json/>; rel="https://api.w.org/"
set-cookie: pll_language=ua; expires=Sun, 26-Nov-2023 04:43:18 GMT; Max-Age=31536000; path=/; SameSite=Lax; domain=snapsnap.io; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkId3nA%2Bg24NBjs4xgWg821KZEWYuQRSt%2FBuyGAF8OT81w%2Fv01fu7ZBgtV8K7hsE9S%2FRRIwsyLLfDlgUlC0HkSCuNI88e6LdbSxxIxggPG%2BLyHWsktl7%2FDf5Attoz9BQ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fff65bce480af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437796250
88.212.202.52 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437796250
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoznet?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437796250 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Thu, 25 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
photobucket.com/albums/f287/Tidus000/20061110-counterstrike16frontei5cop.jpg
54.230.111.114 200 OK 1.4 kB URL HTTP/2 photobucket.com/albums/f287/Tidus000/20061110-counterstrike16frontei5cop.jpg
IP 54.230.111.114:0
Hash 7eee3db6be5ddc7c736fa03b75e003ab
30d90ad1e41057dabcbeeea27c5cdafd088852c8
9474006ce8500768ad7063a4b7c8693e80d7db636899ed20fa96ceb300684a5a
GET /albums/f287/Tidus000/20061110-counterstrike16frontei5cop.jpg HTTP/1.1
Host: photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 22 Nov 2022 16:20:55 GMT
server: Photobucket
content-encoding: gzip
date: Sat, 26 Nov 2022 04:02:03 GMT
etag: W/"bc359f7529124f09b9b3cb89cc4e6b65"
x-cache: Error from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5Y2S0sZMcL5zUQkcjbW3jekFFZRSOTxSgJuJ1rqPy1VxlIeaoNIsvQ==
age: 2704
cache-control: no-cache
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
img-kiev.fotki.yandex.ru/get/3210/spyro49.4/0_6d19_70602ae8_L
77.88.21.31 404 Not found 0 B URL HTTP/1.1 img-kiev.fotki.yandex.ru/get/3210/spyro49.4/0_6d19_70602ae8_L
IP 77.88.21.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/3210/spyro49.4/0_6d19_70602ae8_L HTTP/1.1
Host: img-kiev.fotki.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not found
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:43:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cs9969.vk.com/u25509300/107952186/x_dd9f8c44.jpg
87.240.137.164 301 Moved Permanently 164 B URL HTTP/1.1 cs9969.vk.com/u25509300/107952186/x_dd9f8c44.jpg
IP 87.240.137.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6d359f551ba4cb27d59e94a6cddaec09
d230318bd921ad8167c2eb9dfdc7b1d7d2c7373f
9ecd8531025e89f5e1ca23d81203a9feddbd5b4b75ca79c9868cb53762293bc8
GET /u25509300/107952186/x_dd9f8c44.jpg HTTP/1.1
Host: cs9969.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: kittenx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://cs9969.vk.com/u25509300/107952186/x_dd9f8c44.jpg
X-Frontend: front512004
Access-Control-Expose-Headers: X-Frontend
counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437796251
88.212.202.52 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437796251
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437796251 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Thu, 25 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437796685
88.212.202.52 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437796685
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;clickgate08?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437796685 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Thu, 25 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js
142.250.74.163 200 OK 167 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (1329)
Size 167 kB (167119 bytes)
Hash e269c265007dcb5ecc3f2aa6155bc52a
cb8eed3b2684c2767bf45d652f6d630740051d04
85d7f1b40b063a3a07449151918eb63b85f2c6ff5d54936618a1a737ab5c7dbf
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cs-legion.clan.su
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 167119
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 17:40:52 GMT
expires: Fri, 24 Nov 2023 17:40:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 126146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 87275aa01f1216bee198e15226f66ff3
77151a5c23d3d5107408e7728a88a82f6253d25a
1c0eed2285b71bda91c3a2b7a3c1bcef11b764485be0273c269f1d2fe8f2180a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 30 Nov 2022 03:55:48 GMT
ETag: "77151a5c23d3d5107408e7728a88a82f6253d25a"
Last-Modified: Sat, 26 Nov 2022 03:55:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 162
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fff6634a2eb527-OSL
cs-legion.clan.su/favicon.ico
195.216.243.130 200 OK 162 kB URL HTTP/1.1 cs-legion.clan.su/favicon.ico
IP 195.216.243.130:0
File type MS Windows icon resource - 8 icons, -128x-128, 32 bits/pixel, 96x96, 32 bits/pixel\012- data
Size 162 kB (161862 bytes)
Hash 51ce242b4996fade5d978202470cd9fa
80e60af84397e78a5fcf5825e6538334933ea288
bc38d7bbb43fbdd2889f9962b79a318f59e6a0571332c0cb0ad0823a2756eca7
GET /favicon.ico HTTP/1.1
Host: cs-legion.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/load/8
Cookie: 6cs-legionuzll=1669437797; 6cs-legionpushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/x-icon
Content-Length: 161862
Last-Modified: Sat, 11 Feb 2012 08:50:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4f362bb8-27846"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
cs9969.vk.com/u25509300/107952186/x_dd9f8c44.jpg
87.240.137.164 404 Not Found 408 B URL HTTP/2 cs9969.vk.com/u25509300/107952186/x_dd9f8c44.jpg
IP 87.240.137.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 45fb7d06cdaada04f95ed8f3e0fc2e2f
c6fec340271d20aa7bede6bd1cab30655813517e
7b91e9285ef9a2317b657c744583d118b69857b8342ac4de69dba26f0e394aa2
GET /u25509300/107952186/x_dd9f8c44.jpg HTTP/1.1
Host: cs9969.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: kittenx
date: Sat, 26 Nov 2022 04:43:18 GMT
content-type: text/html
content-length: 408
etag: "5f6a5ec9-198"
x-frontend: front512004
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8523
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 04:43:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8523
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 04:43:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8523
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 04:43:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8523
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 04:43:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 22210
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mxC9qkJyuCX0NOEgkK3Z0LWPpxbTcFIvkrDAJ6KBnMFLHToB50AEFg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:02:20 GMT
age: 24059
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56d1528e942a2aa2a7f3f6a85f71e277
475980dd8b123ad0acdd54c441271bacad56489f
01f9bd707598d6cb869856ad01d1087f5abc8298727805f61266f6e823814cb8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10209
x-amzn-requestid: e6cf9a8b-bbdc-4978-a186-ffc82b369066
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWINF69oAMF5RA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813701-35f60a7425e3617e672916c9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:43:29 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NpYcqTynn1gdtbZInm4lBnTo9N6ev2jp0Rn6ozMhQlh8kVJ9orQWnw==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:35:20 GMT
age: 22079
etag: "475980dd8b123ad0acdd54c441271bacad56489f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaa084a5-6673-4918-8b26-e359fdbd5c53.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaa084a5-6673-4918-8b26-e359fdbd5c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cfec0de07b11c3b4b2bde82a9d85395
c6a37206ae6327b5626ee48675638fb3b79eaf2b
b5cd58f099675e96d8f28b633c18db2aab90f1e7e0f593cd38e654f1956c53c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaa084a5-6673-4918-8b26-e359fdbd5c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10966
x-amzn-requestid: 9c8cca96-85d6-4256-9f64-e7ed26946e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOLHMPoAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358d-2857476f6bdd231525a041f8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BvVDw2WpkhgODREwoilGkb1D-mT5E08DC0B14eIlpe7NupmgUSKTfQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:31:20 GMT
age: 22319
etag: "c6a37206ae6327b5626ee48675638fb3b79eaf2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c135ab961de12d926b94f9abae8adbe
139f48ea60880efc6d2977f4d3141809f22adfef
1578a994e7c4eef451f1c744116caa95e1aa995c4817a13832f1ac3487cea95d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2944
x-amzn-requestid: 8f1b2573-39ab-442e-8c6e-97538a28aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWXXEjJIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813762-52f27ff536b0c3b84bdfba8e;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:45:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hy8v_azPZzuVRv1VN61DoNWbfA83JPs4JcZfRyLo3j6HCtWv_gkNw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:48 GMT
age: 24871
etag: "139f48ea60880efc6d2977f4d3141809f22adfef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 05:04:28 GMT
age: 85131
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cs-strikez.clan.su/_ld/30/25108492.png
193.109.246.46 200 OK 886 kB URL HTTP/1.1 cs-strikez.clan.su/_ld/30/25108492.png
IP 193.109.246.46:0
ASN #204343 Compubyte Limited
File type PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 886 kB (885895 bytes)
Hash 76f3e7b70ed3f657268cedc3f3e72d4b
879c563fd9b08ccfa13f9e56c36e37fe4b4b2579
43d31a2c00604a27087b98fddc91fdf3bb44c2d962efb19e2bd8dee2537979aa
GET /_ld/30/25108492.png HTTP/1.1
Host: cs-strikez.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:18 GMT
Content-Type: image/png
Content-Length: 885895
Last-Modified: Sun, 10 Apr 2011 19:33:25 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4da20605-d8487"
Expires: Fri, 16 Dec 2022 04:43:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 66a809304670591e28394bcf6a42cc56
7a13b9948a8f5cc4c1fd048e4e5f2b8f397b5457
04ea73306171d585ec2d5b9f786af867320e73f692cbb93ff0d318bba2a7d857
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04EA73306171D585EC2D5B9F786AF867320E73F692CBB93FF0D318BBA2A7D857"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15816
Expires: Sat, 26 Nov 2022 09:06:56 GMT
Date: Sat, 26 Nov 2022 04:43:20 GMT
Connection: keep-alive
absoluteroute.com/bens/vinos.js?23433&u=null&a=0.17155989712077147
193.200.64.20 200 OK 140 kB URL HTTP/1.1 absoluteroute.com/bens/vinos.js?23433&u=null&a=0.17155989712077147
IP 193.200.64.20:0
ASN #6681 Rozetka Sp. z o.o.
File type ASCII text, with very long lines (727)
Size 140 kB (140149 bytes)
Hash 402b5a5cbb7bcc4746961ba498b7a892
d7d8ac24a7ee216815c32a88b89c19ab7377f734
c9d0c561949f5548766ebf9d80d23ed5e9277a0aaa568e1687d035d069dfdc81
GET /bens/vinos.js?23433&u=null&a=0.17155989712077147 HTTP/1.1
Host: absoluteroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 04:43:20 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=16694375731532635802; expires=Mon, 25-Nov-2024 04:43:20 GMT; Max-Age=63072000; path=/; samesite=None; domain=.absoluteroute.com; secure
counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437799255
88.212.202.52 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437799255
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//cs-legion.clan.su/load/8;1669437799255 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cs-legion.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 04:43:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Thu, 25 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
www.whitegadget.com/attachments/download-mobile-games/7228d1205583961-free-mobile-games-counter-strike-3d-others-counter-strike.jpg
103.224.182.253 403 Forbidden 0 B URL HTTP/1.0 www.whitegadget.com/attachments/download-mobile-games/7228d1205583961-free-mobile-games-counter-strike-3d-others-counter-strike.jpg
IP 103.224.182.253:0
ASN #133618 Trellian Pty. Limited
GET /attachments/download-mobile-games/7228d1205583961-free-mobile-games-counter-strike-3d-others-counter-strike.jpg HTTP/1.1
Host: www.whitegadget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.0 403 Forbidden
Cache-Control: no-cache
Connection: close
Content-Type: text/html
vh380.timeweb.ru/parking/?ref=qcs.su
92.53.96.174 200 OK 0 B URL HTTP/2 vh380.timeweb.ru/parking/?ref=qcs.su
IP 92.53.96.174:0
GET /parking/?ref=qcs.su HTTP/1.1
Host: vh380.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 26 Nov 2022 04:43:17 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"11508-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2
img2.cda.pl/PV9keF92cmo9X2MtYjE1LGxlOXJiNGZ6bzQ2IDI9My9pYTgsYzI1eGkzLn5wYl8tPzMuJTI2Li0_M18lNjA2LjkwNSYxZ2Iu/c9b450ae9fb1ffb4642833da88c75dd3.jpg?w=800&h=600
146.59.70.156 200 OK 0 B URL HTTP/1.1 img2.cda.pl/PV9keF92cmo9X2MtYjE1LGxlOXJiNGZ6bzQ2IDI9My9pYTgsYzI1eGkzLn5wYl8tPzMuJTI2Li0_M18lNjA2LjkwNSYxZ2Iu/c9b450ae9fb1ffb4642833da88c75dd3.jpg?w=800&h=600
IP 146.59.70.156:0
GET /PV9keF92cmo9X2MtYjE1LGxlOXJiNGZ6bzQ2IDI9My9pYTgsYzI1eGkzLn5wYl8tPzMuJTI2Li0_M18lNjA2LjkwNSYxZ2Iu/c9b450ae9fb1ffb4642833da88c75dd3.jpg?w=800&h=600 HTTP/1.1
Host: img2.cda.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 26 Nov 2022 04:43:17 GMT
Content-Type: image/jpeg
Content-Length: 338617
Last-Modified: Tue, 22 Apr 2014 17:30:00 GMT
ETag: "5356a718-52ab9"
X-Img-Server: 01-waw-back
X-Varnish: 725620286
Age: 0
Via: 1.1 varnish (Varnish/6.5)
Expires: 3600
cache-control: max-age = 3600
Accept-Ranges: bytes
Connection: keep-alive