r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13164
Expires: Sun, 05 Feb 2023 17:59:57 GMT
Date: Sun, 05 Feb 2023 14:20:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2413
Expires: Sun, 05 Feb 2023 15:00:46 GMT
Date: Sun, 05 Feb 2023 14:20:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9910
Expires: Sun, 05 Feb 2023 17:05:43 GMT
Date: Sun, 05 Feb 2023 14:20:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 13:33:55 GMT
content-type: application/json
age: 2798
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xbzilvJu6ttFraXoc09pGaBVdvNVpmgHC33YE6UeEqQb4WriR/I362IkGhVXCz8obxr4cTyiplPgKUQURkdC/w==
x-amz-request-id: NE55YWM8KE1BG3TS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 13:53:18 GMT
age: 1635
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:20:33 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
compsennausupu.ga/ru/lukoil-bonus/
104.21.86.105200 OK 3.7 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/
IP 104.21.86.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 69ac839271d92069a40f09cb69493954
b77f057bbf5cadb72e72d780221db81499cb8a02
acea019c51e65eec30a6c3bc7751ced470c24ea14b165c8b1a12296160d34b07
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/ HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j27Io959aRa2aUe%2BQoBni8cga7D27W67nyNlDQE8jTrbXodcbX5BmoMEQ1IwmQbemwnaD9%2F3QMEYa%2F0zaN8r1%2B0H8ll2yvJ6m4FCThy1nMtHzsQahJXduzLY3ci5336GYHjOiw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794c49957816b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 13:49:07 GMT
age: 1887
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14775
Expires: Sun, 05 Feb 2023 18:26:49 GMT
Date: Sun, 05 Feb 2023 14:20:34 GMT
Connection: keep-alive
compsennausupu.ga/ru/lukoil-bonus/static/js/jquery.mask.min.js
104.21.86.105200 OK 3.1 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/js/jquery.mask.min.js
IP 104.21.86.105:0
File type ASCII text, with very long lines (526)
Hash 445f55b06dc35829f9b61ea8202e4e83
69c7f7f2e7dbd910cd90ed4b24586845c5d900f4
b1cc691b4b01170a047f39ae8a8aa51ece690592266a4c51aba755f47a78806d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/js/jquery.mask.min.js HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:45 GMT
ETag: W/"5ee2444d-1cfc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Swimyqj%2BpxjFK5WwlkbzOzGHJYvAOLviI1knQ0T1NSpcxznA4BXHPf2kMIFSRlXL6iadzYFjoJ4WVZsg3Jds9YC2LJmPExrr8IO9VzvEHydtVh04Q%2B8UxfR7ZMEQtYDuXIPpig%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49996939fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/js/main.js
104.21.86.105200 OK 3.2 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/js/main.js
IP 104.21.86.105:0
File type Unicode text, UTF-8 text, with very long lines (310)
Hash 7ba9a41872393c61dde9f67902c81827
e0bae6707a6a87376d29ee0aa873148ea01cf816
02b173a5ba8f9ebe13a9cab9a34f549451d37b22dd5a882b7210ca7e5f36f710
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/js/main.js HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:46 GMT
ETag: W/"5ee2444e-2923"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfED5yvBa8FzNLabOAsbhtb7kuaewN2quSnIMSQDoysMMkxcIu9nRy4ZJIJYw2%2BJDegA1VhdDVwBkn6NxJ8%2B3VfRMk7JDgbMBQ4xVXCIwrJIKNnpcXsEADoPM41UWZZJ2jFiaA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49996f2eb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.148.70.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L1deMljwTZzlGG2QxIZ6AA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +uEQiStma1l1nOhSs1D2Q78+9QQ=
compsennausupu.ga/ru/lukoil-bonus/static/css/main.css
104.21.86.105200 OK 5.1 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/css/main.css
IP 104.21.86.105:0
Hash fa7bc4728d98ea486e50af2f36e8452d
01b7ff46af6632e88c5c1fc698cf0dbdfcaf4257
de99e085b7779bde912ac1a5eef0d70d6488a9973c45291d40ce7f8d212895e0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/css/main.css HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:42 GMT
ETag: W/"5ee2444a-741c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84mUwUvmYN8j06RAKXiq%2Fwrs8HWcxCDcDZEl3sqk1HGNHPPSz8n4srbayww3IerU%2BHvPxy9jNwcLGUOLpcIW0zYq8wywU66FC9xvgNeOtUcOy75pSHa6X4dOsk2B4Fv5nlSfvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c4998fc58b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/js/comments.js
104.21.86.105200 OK 5.0 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/js/comments.js
IP 104.21.86.105:0
Hash eaacac81ff90cd124dd9c534942095a2
7f1ec6acd99ff35dc1d34c35fbd5c0e214789168
29a42f5b14c30bbc85b5ad2fbef0710464cdae60f2ce26cc256b22a0a0bad3e5
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/js/comments.js HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:45 GMT
ETag: W/"5ee2444d-46eb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aka%2FTWnIVAwkGb2c2TiGwyaZ78qSDrTaqkRzGJ6mDciDa0FtpGi9D7iXPPrAopKvJ%2FjacvrXrZQjyq4T7ajsuEH5S7h6oSbduduZYp%2BCIxL9WzGjmQsM1UPdXEHd40mfPHOBnw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49996d77b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/js/jquery.js
104.21.86.105200 OK 31 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/js/jquery.js
IP 104.21.86.105:0
File type ASCII text, with very long lines (65451)
Hash 176e4a2e6e7128bda339fb357f1ff5a9
bfccc14b2f09fd6e743ad7342f075969d284d665
ff9ca68f99f59799e93c455b61602f7e977f260dca389bc1c9b03740872504b2
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/js/jquery.js HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:45 GMT
ETag: W/"5ee2444d-15d83"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EjmsYVeRra7671bvGrtOj8cdeRZng3EFH6r0tAxndwfCp%2BV1Zsg7NishhKe6ZNxuB1BRpZT2GTaB77ghyQ0ESUl7ffT0b8HUrTIIFlC55x%2BrAnQdMqz4X%2FGeM%2BrVeFzdTPbZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49996bc40b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/css/vkcomments.css
104.21.86.105200 OK 131 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/css/vkcomments.css
IP 104.21.86.105:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 131 kB (131183 bytes)
Hash f90f4295b85e74b8bb46406fb52a1f2b
58bab65e276dfb8a309e30a5a35bc85676fd42b1
f6683b9cf0b2d0b8ddabb5e18a14a75d32403088448cda067022984decbfc105
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/css/vkcomments.css HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:43 GMT
ETag: W/"5ee2444b-a38bf"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INBqB3UpQt9YGgRhMTvdEwXr1KP%2F%2FFCtGQrybz0H1z%2B00blgfwGl%2F2MfjW5KdcikVGvwo0s0L%2BOe8cdKl5zDhF5b3guzJwVHcKVd8BpRF%2FxBI%2BpaxonRobnIPR3sOP6xRjlBfA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c4998fb6eb4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/painting.png
104.21.86.105200 OK 4.3 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/painting.png
IP 104.21.86.105:0
File type PNG image data, 320 x 155, 8-bit/color RGBA, non-interlaced\012- data
Hash 3fd97535c5002e4dc934ae57d2115f39
53a4558cbcad8b2520c5451a0d323f02b5d84d89
ef37e292af47e1fbc9552b9761b0d6ea25e24ba845b85a85233bde6cc78e04fc
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/painting.png HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:35 GMT
Content-Type: image/png
Content-Length: 4316
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:52 GMT
ETag: "5ee24454-10dc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5QEa3RDqwgBabvyGSyigJ4VeSBH95V1YtrdhIGm07MLMzF73KEMl2v62qYGBmNARPKP%2BlKKVz7yVd%2BBstX1tosCS7zHqmtR0Df45TxPlcZZzQgB7P%2BrzhYJjj8BBOJKfFrPvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a019b50b55-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/10%D0%BA.png
104.21.86.105200 OK 50 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/10%D0%BA.png
IP 104.21.86.105:0
File type PNG image data, 660 x 494, 8-bit/color RGBA, non-interlaced\012- data
Hash 133cf4c0a3d0e95deb167063be5ee6bd
9fd501826e0d13afc31fba12d4d95c37ce6f5394
3e58a1861befc775173f37d7992600af3cff7b0446b446617d11fa55a02da02e
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/10%D0%BA.png HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:35 GMT
Content-Type: image/png
Content-Length: 50171
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:49 GMT
ETag: "5ee24451-c3fb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IniO1HrWKbfq15%2B2oXw1u5hK8sz1TzaBjBC4QaxnPsyGhdApvxA7dND1d76HMl2bJvvMVwB8SYkM%2FiefHSHLkFgY%2Bh1Mcmu0%2B38g0aSxbEUmN3fiYvWEQ%2BlOPurcXIuAMsPBA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a01e96fac0-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/photo_2019-07-31_19-27-54.jpg
104.21.86.105200 OK 86 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/photo_2019-07-31_19-27-54.jpg
IP 104.21.86.105:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Hash b5c86abfa9b5af374c33da0dcf54f48b
9df1cef8a70ef4ec3460c5e045656ef906a3230d
487cc4a122e61dabf22febb1b3dee18d2ef24bd566c0804e7831ca5ee7411a60
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/photo_2019-07-31_19-27-54.jpg HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:35 GMT
Content-Type: image/jpeg
Content-Length: 86365
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:53 GMT
ETag: "5ee24455-1515d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4W8dEpxD7maLYk6tNSvM%2Fcc0u3z38v%2FVgclQGbkArc%2B7NkSxWlfOHMFB218aepR5afdmNCkMXFqtptv%2Bxik0TkH574mb%2FqbKvEL9K3O56s3Ywl8%2BqRIWJdgPBwDSPQRuTQ5EiA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a01f6fb524-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/50k.png
104.21.86.105200 OK 56 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/50k.png
IP 104.21.86.105:0
File type PNG image data, 660 x 494, 8-bit/color RGBA, non-interlaced\012- data
Hash dcc9115751c361774789ffed79f976ea
7b9d51e86866828416514305bcb3ef5ea3bd4807
c0857d340d04f5680fd194f219ef1e884e18e19e4088576859f63aad7685c2b8
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/50k.png HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:35 GMT
Content-Type: image/png
Content-Length: 56309
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2022 14:47:25 GMT
ETag: "61e5817d-dbf5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpTMLMLs5nEmaJMBZFgGV2h9hk9xBo2%2BqoFTdVuHKLejAXqlppgHohYpFnQjsU9IftubclKJ5642lvAWzF%2BiIi1FQxbDyZA1hB2NjUSS9zj4AV2O33lZzS1ZO%2BdYj6Q7t43xEg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a0190fb512-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/100k.png
104.21.86.105200 OK 57 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/100k.png
IP 104.21.86.105:0
File type PNG image data, 660 x 494, 8-bit/color RGBA, non-interlaced\012- data
Hash 0344c5b5151db350f46132bfb9bc89e2
f3f9207dae4f58ff146a163cdd891372799f6c70
41b3f25b8f480198fee4e3e7bd665a42388fbb54097082466bd64a5a7f71ef0a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/100k.png HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:35 GMT
Content-Type: image/png
Content-Length: 57122
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2022 14:47:25 GMT
ETag: "61e5817d-df22"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmE6j1HEtD94y5m4l0gEcrITygdo1PlSJErkH7UdlyQc7BccMcoExpiVuVbH46fS0o32cx%2BXwdCJasLlhDfMIgD3cYXo54N7UCGgJZSm97sKiVfrM%2B6pykSV7LuP0SxJ4Vs9DA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a01d79b50c-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/2%D0%BA.png
104.21.86.105200 OK 64 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/2%D0%BA.png
IP 104.21.86.105:0
File type PNG image data, 660 x 494, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e5af04ae4966933dd88c34cecfaf38b
3b5196a7d1e3505b855fdd45dfc2d3374330ff19
229ba5846487869aff656213d1c19f1113cd8852232e11f21e50934e84b03f5d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/2%D0%BA.png HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:35 GMT
Content-Type: image/png
Content-Length: 63827
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:50 GMT
ETag: "5ee24452-f953"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60ud%2FMAc%2BHmXLe3z%2F0qAW3cyLZ8Oo13fDwvNr%2BTNdI0qEQgMDxGd9%2BAAp2jp1tWwT4EujWrO4i7Ow7J3UidxFbplVwo%2BLa%2FSKf5ec3LmARu1DIwrNC4FDi6TXuh5WSsB2IZ6UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a01d33b4ee-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4466
Expires: Sun, 05 Feb 2023 15:35:02 GMT
Date: Sun, 05 Feb 2023 14:20:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4466
Expires: Sun, 05 Feb 2023 15:35:02 GMT
Date: Sun, 05 Feb 2023 14:20:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4466
Expires: Sun, 05 Feb 2023 15:35:02 GMT
Date: Sun, 05 Feb 2023 14:20:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4466
Expires: Sun, 05 Feb 2023 15:35:02 GMT
Date: Sun, 05 Feb 2023 14:20:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dbe304b5138a360ff07a9842bcf6a7f
00572f7667e322c9ef34bc35b7998c1c172dd34c
d63c58d6c96e23c61b92272de8c2aab01f4cf85f3420cc434c05447d355b1c77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: a3bffa19-86ce-4a59-b826-551deddb3e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fostZG2xIAMF0wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c188-18acd7311c6190c9486e86ac;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 01:34:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mWqq5MbsWYvQmSzPw3kTdjzTkz22mNHbOoqyiHfbxv0BhNhgFfnZGw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 59804
etag: "00572f7667e322c9ef34bc35b7998c1c172dd34c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 12:31:54 GMT
age: 6522
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 84411
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: c11233d1-ef16-4b03-9174-a493011dc0ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEoFHOKIAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8166-4a290e811547293f437311bb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1F0bxib8bn4kZvGBTL63ecNDDEy6XZ8kIb8K5BNqusVL9SvAAARUJw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:11:45 GMT
age: 58131
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 38428
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 59817
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
compsennausupu.ga/ru/lukoil-bonus/static/fonts/Geometria.woff
104.21.86.105200 OK 47 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/fonts/Geometria.woff
IP 104.21.86.105:0
File type Web Open Font Format, TrueType, length 46804, version 0.0\012- data
Hash 5b3095d4d47c44c339c00087e66242d8
4ca09b9930baa2c347992995887d06fe2971efa0
c7714c82617471d1fd838299c9a428b77a1be6189dea1d0fcd5e9c09e4989e05
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/fonts/Geometria.woff HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/static/css/main.css
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:36 GMT
Content-Type: application/font-woff
Content-Length: 46804
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:43 GMT
ETag: "5ee2444b-b6d4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F16cvG%2FZGVk6rIeKnJ20g6yyCzfHtLZGYv7t3xmz1J2ZdqVAovUsqxcotVkqLegwmX6YBFFEG0Fxsxva5yKEZD9karGyO45rqUaxt%2FjirNQtFyAaKx5ncxbH9BhZBq%2FpzzVTKA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a2dc920b55-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/icons/comments_widget.png
104.21.86.105404 Not Found 116 B URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/icons/comments_widget.png
IP 104.21.86.105:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/icons/comments_widget.png HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/static/css/vkcomments.css
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 14:20:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mvIX9XWkF8O5QOqbgpYX%2F8yInBAk00AK9HTNuQ%2FBvXeCSYY5ZXjF4aNflsB5FwbadxzsqpElccFms1sqvJ%2B%2F%2BDuS44ThZxJV4zrzNlJLJzqk9T02WADrSFbsnZ8%2B8fSRJG8ew%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a4dc7bb4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/director.jpg
104.21.86.105200 OK 37 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/director.jpg
IP 104.21.86.105:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 600x800, components 3\012- data
Hash 4f7f99d99dffc1c823c97c47299bbb93
aabeb799c4cd5f150339334f8a342299531527fd
66980b944e9be03a6bb2c0eb855884ec6bf5be715b2197dd175f3bd0466918f6
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/director.jpg HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:36 GMT
Content-Type: image/jpeg
Content-Length: 37424
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:51 GMT
ETag: "5ee24453-9230"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcvCeFI3NV4Tq%2FGy0gE9GxBTQ3bGW88%2FPJIxTexc%2BLQCjVXSnWay3BgXIxGHFiqfVPzwYDlccc3DCFIbBTz1x2QIttVmqfQOxK52z8A1GSkuQ9w9L3onEdU3N8pAw%2FJbSkcLhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a4cbe8b50c-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/fonts/Geometria-Medium.woff
104.21.86.105200 OK 47 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/fonts/Geometria-Medium.woff
IP 104.21.86.105:0
File type Web Open Font Format, TrueType, length 46808, version 0.0\012- data
Hash 31d95d36b9e3eb840c57f2f6caf058e6
a4555b76265cbbeb508aa6077279ad9b8b1d52c5
10a12049c7884bc104e4897672142d76d49a77ab7dc753ede70a4a013caf06ce
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/fonts/Geometria-Medium.woff HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/static/css/main.css
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:36 GMT
Content-Type: application/font-woff
Content-Length: 46808
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:42 GMT
ETag: "5ee2444a-b6d8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=227Spjq4r%2BLd8X2H66RAurngI64E4ppYZ9KIXXkm%2FUfgp5vYuXCQBnBUoIIhU0lqERpIavtYRRCtMToP1KknFZIIG%2BWswPRKWdXy2vFfQD0QidaGIQqakwWnn5rI1aAzVZeSXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a49a35fac0-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/logo.svg
104.21.86.105200 OK 2.3 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/logo.svg
IP 104.21.86.105:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6426), with no line terminators
Hash 1bc699cfcd53aed6ab74f6a398cd9e38
5e137f1726c57a5290eeab7bfee8b854fe0ad081
ba814b16fba33cf64b7e484c5ef714577d6c9f8d7b3e0d2dc4299695ff1df8b7
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/logo.svg HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:36 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:52 GMT
ETag: W/"5ee24454-191a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EC%2BCWYGiW9x3dLa53t99KCPprB0VYNl8iER%2Fjfu2q1K5dduZbUCp237APWDK%2BqIU5XwIqYdyEB%2FWk%2FxzzCmXJsACZIPa2FCIsv6j75aSmps2AFEFgL4FEdF9pej8pEoySVpg%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a728d30b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/5%D0%BA.png
104.21.86.105200 OK 50 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/5%D0%BA.png
IP 104.21.86.105:0
File type PNG image data, 660 x 494, 8-bit/color RGBA, non-interlaced\012- data
Hash c24c7f669d72f5c83ee0141dfa8a2988
ae691dd4a522b34a3e70a2465cf8c8022c76bf12
d58da59f15f047e0f2fceab0a440fb2a336e5bfe56d9aadc6df37eba0eda65b9
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/5%D0%BA.png HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:36 GMT
Content-Type: image/png
Content-Length: 49766
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:51 GMT
ETag: "5ee24453-c266"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8s%2Bz4Bv%2F8WR2vTmdFwq3sXYYU%2FripHFaXDtUwUSzn7AWjPGtzNNFRyyiglCNYsQ3bdOXVcR1DCl9qlETBwzZQWIwCHScpm0vG4Px%2FlL9TrkYOk%2Bo0MHLBfp2z4IWLKDxz2MEg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a74fc3b4ee-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/fonts/Roboto-Regular.woff
104.21.86.105200 OK 280 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/fonts/Roboto-Regular.woff
IP 104.21.86.105:0
File type Web Open Font Format, TrueType, length 280060, version 0.0\012- data
Size 280 kB (280060 bytes)
Hash 8c9e2179f46b280d31ee9422ce0e41e2
3a04db5ed2137206c5868cf94ccbe0cba4ae280f
4e88cc5d3ac1f10bfe52ba2325b1c1645e11406e17707931723d3ecdba2770d0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/fonts/Roboto-Regular.woff HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/static/css/main.css
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:36 GMT
Content-Type: application/font-woff
Content-Length: 280060
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:43 GMT
ETag: "5ee2444b-445fc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZoDWRSXx1EEadjMn0Li%2BF1uk6AihFtVqxgUDbBXezWsZrkzsJbUtL%2BYv4F8yTF4T%2FvbYwFoNhEfLr5GIgeOWqmBpHJjcSIus4EeYbDX2xz5B3zH3MejL7ssgH8qhs8xJ%2B4W1w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a4cf56b512-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/fonts/Roboto-Light.woff
104.21.86.105200 OK 281 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/fonts/Roboto-Light.woff
IP 104.21.86.105:0
File type Web Open Font Format, TrueType, length 280972, version 0.0\012- data
Size 281 kB (280972 bytes)
Hash a79ff836df2a73abf2dacb1f1af2d225
2fa057b66d36d990a9e913af36af44f0f78dec04
527e57c2b8c55a00804198df15551bea4ce6a54773c70ce1071cbfdbbf38ce9c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/fonts/Roboto-Light.woff HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/static/css/main.css
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:36 GMT
Content-Type: application/font-woff
Content-Length: 280972
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:43 GMT
ETag: "5ee2444b-4498c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPqJtEgEEWtz2LprwKmLQF4bkcb%2BCLytFbrWQMwJWfeZRJ%2BCFNhLNBjXSycQJkj%2FBuFAUDmPXT4bT2bEAUqt4gRLI3ZXt1NTeN7Y9z7PE3e3LpBufgly6vAsTCdOfdooGV9BKg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a4a80ab524-OSL
alt-svc: h2=":443"; ma=60
compsennausupu.ga/ru/lukoil-bonus/static/img/general/15%D0%BA.png
104.21.86.105200 OK 50 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/15%D0%BA.png
IP 104.21.86.105:0
File type PNG image data, 660 x 494, 8-bit/color RGBA, non-interlaced\012- data
Hash 8773951656256870922a613db1449769
9e51802ef85316fe7bd1e409ff9e45bd62210abe
649f8f1bb97bba3d2d53f3d7abb5d4efecbaba2ea2ae5a4e5afa73650dc4ff1a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/15%D0%BA.png HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: image/png
Content-Length: 50080
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:49 GMT
ETag: "5ee24451-c3a0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qdvTtu%2Ft0Y%2B04d94xPZsfXlDWvHE%2FxvPAOlxgv8Rf3RwIPyGEdRefcmexKdHQjXJvxptls5MHVdRW6Z6h8KhCmyjVU21690ypcBS72uTSGPJlK3Ld2JyanV77lwTBPqCLm%2Bjw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a818deb50c-OSL
alt-svc: h2=":443"; ma=60
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 337d3c14aab46cbe1cfc4724391a8e89
811233425daa059aa25422b1d63d2015691b6045
14a3c3e31cab844c4461f9ae798e4ff41627e5a4f79dbea5361a6717f0da0093
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 09 Feb 2023 13:52:38 GMT
ETag: "811233425daa059aa25422b1d63d2015691b6045"
Last-Modified: Sun, 05 Feb 2023 13:52:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 434
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49acef35b4f9-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 578f546281199e1fc8c38c2f1f441750
e3e43de58acba2ba94af8129a348e8d41f398330
fd7e6b99348ab19608ae6e267751f2c8c73e081a2c0b605bf73e942736669e18
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 09 Feb 2023 11:20:55 GMT
ETag: "e3e43de58acba2ba94af8129a348e8d41f398330"
Last-Modified: Sun, 05 Feb 2023 11:20:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1934
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49acff5db4f9-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 578f546281199e1fc8c38c2f1f441750
e3e43de58acba2ba94af8129a348e8d41f398330
fd7e6b99348ab19608ae6e267751f2c8c73e081a2c0b605bf73e942736669e18
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 09 Feb 2023 11:20:55 GMT
ETag: "e3e43de58acba2ba94af8129a348e8d41f398330"
Last-Modified: Sun, 05 Feb 2023 11:20:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1934
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49ad0bcc0b06-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 578f546281199e1fc8c38c2f1f441750
e3e43de58acba2ba94af8129a348e8d41f398330
fd7e6b99348ab19608ae6e267751f2c8c73e081a2c0b605bf73e942736669e18
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 09 Feb 2023 11:20:55 GMT
ETag: "e3e43de58acba2ba94af8129a348e8d41f398330"
Last-Modified: Sun, 05 Feb 2023 11:20:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1934
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49ad1f80b4f9-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 578f546281199e1fc8c38c2f1f441750
e3e43de58acba2ba94af8129a348e8d41f398330
fd7e6b99348ab19608ae6e267751f2c8c73e081a2c0b605bf73e942736669e18
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 09 Feb 2023 11:20:55 GMT
ETag: "e3e43de58acba2ba94af8129a348e8d41f398330"
Last-Modified: Sun, 05 Feb 2023 11:20:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1934
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49ad1bfe0b06-OSL
pp.userapi.com/c852016/v852016462/12a111/xZHL5x6QPc4.jpg?ava=1
87.240.137.137200 OK 15 kB URL HTTP/2 pp.userapi.com/c852016/v852016462/12a111/xZHL5x6QPc4.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash a1b59f5e54d60317ea93b3de097f8ce8
33f46ab01057d234394f596c2b4d36ac3a87fff2
3349224fa7553bb09ea418bd74e6b18818745a0368fe8329f8c0f7cff12a546f
GET /c852016/v852016462/12a111/xZHL5x6QPc4.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 14808
last-modified: Wed, 29 May 2019 14:46:14 GMT
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 578f546281199e1fc8c38c2f1f441750
e3e43de58acba2ba94af8129a348e8d41f398330
fd7e6b99348ab19608ae6e267751f2c8c73e081a2c0b605bf73e942736669e18
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 09 Feb 2023 11:20:55 GMT
ETag: "e3e43de58acba2ba94af8129a348e8d41f398330"
Last-Modified: Sun, 05 Feb 2023 11:20:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1934
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49ad2f97b4f9-OSL
vk.com/images/camera_200.png?ava=1
87.240.132.78200 OK 23 kB URL HTTP/2 vk.com/images/camera_200.png?ava=1
IP 87.240.132.78:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 668f92e936e6c426400802fee4c711b9
83633a67b6758108d80a6f5ba67e49f8b12612bc
8efa03b9ff85c5e4e945f9bb66a8e576e9f57c66c5b404db35faab279a831d3b
GET /images/camera_200.png?ava=1 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/png
content-length: 22867
last-modified: Tue, 22 Sep 2020 20:29:55 GMT
etag: "5f6a5ec3-5953"
expires: Sun, 12 Feb 2023 14:20:37 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 123db2ca0297c9d7d517070f01977c60
8828afd6e67a2a6713737be5adbfb9335a700e06
1572f3d658d6f181ea623813f875be2b17bb5d4c30b00034270e67f72e723345
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 09 Feb 2023 10:33:46 GMT
ETag: "8828afd6e67a2a6713737be5adbfb9335a700e06"
Last-Modified: Sun, 05 Feb 2023 10:33:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1557
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49ad3c200b06-OSL
pp.userapi.com/c841422/v841422872/afa6/7uOV04XAz5A.jpg?ava=1
87.240.137.137200 OK 14 kB URL HTTP/2 pp.userapi.com/c841422/v841422872/afa6/7uOV04XAz5A.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 1bbad063352babac3c093caef46d0acb
ed979e7de80945168a2d6dee7a5b0a492a072cc3
f1b5015d82543eb44542f5aae5548ae2c7518327a54a512a63c0d59e81795c60
GET /c841422/v841422872/afa6/7uOV04XAz5A.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 13522
last-modified: Thu, 27 Jul 2017 16:47:28 GMT
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c841022/v841022500/554b6/Flh9w9t87mU.jpg?ava=1
87.240.137.137200 OK 15 kB URL HTTP/2 pp.userapi.com/c841022/v841022500/554b6/Flh9w9t87mU.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 949417782b02a00b5990df62f1c322ac
2c2ac16826ff6d2519c00f6b2920d2e042350b71
417db116bed44730a91bbe80021e53a3401c5cc340747a95a2c86669613e09c1
GET /c841022/v841022500/554b6/Flh9w9t87mU.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 14611
last-modified: Wed, 27 Dec 2017 19:17:47 GMT
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
sun9-6.userapi.com/c850128/v850128085/136aef/GXMVwqqYtgA.jpg?ava=1
87.240.185.133200 OK 14 kB URL HTTP/2 sun9-6.userapi.com/c850128/v850128085/136aef/GXMVwqqYtgA.jpg?ava=1
IP 87.240.185.133:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 3b7fa24f279e0a47c943a7aca5c41cc4
0e6f4707aba4ba42fd8a68f149c0441f27b3bfaa
72bfc9e56b1e290b558f541396eeda03815631f82253f90f383e5a7236934354
GET /c850128/v850128085/136aef/GXMVwqqYtgA.jpg?ava=1 HTTP/1.1
Host: sun9-6.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 14329
last-modified: Sat, 11 May 2019 06:25:15 GMT
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front221105
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
compsennausupu.ga/ru/lukoil-bonus/static/img/general/20%D0%BA.png
104.21.86.105200 OK 50 kB URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/static/img/general/20%D0%BA.png
IP 104.21.86.105:0
File type PNG image data, 660 x 494, 8-bit/color RGBA, non-interlaced\012- data
Hash ce44b4c4e1f44c417eec386d5f666832
7e89ae9c967ddb8dcce2156a1a13f03417e41039
7e17068d45622b294f8d5347d45fec203de5600b1bf193e55e374309ae2c224c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/static/img/general/20%D0%BA.png HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: image/png
Content-Length: 50374
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:49 GMT
ETag: "5ee24451-c4c6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7G93ZZUVeZb%2FqutCA1NMhYZFOA1dZP7vY8wFKyEo0Z4RQDFUUUm6uSXbHf0%2FkbjM7vOpoXN7SORfPjlkEzHrHHgEPOI%2BB9mBzKSyu8S9v7YsXF89oLG0vTYOtsF%2Ffc%2B%2BM8W2Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49a90d95fac0-OSL
alt-svc: h2=":443"; ma=60
pp.userapi.com/c834303/v834303640/837de/rFa45evhyxY.jpg?ava=1
87.240.137.137200 OK 12 kB URL HTTP/2 pp.userapi.com/c834303/v834303640/837de/rFa45evhyxY.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 976b15da33325e29e007d9996038da7c
61bce622bcb57879e004de2fa343f7fff845975f
89ec193043e9035a98baeabb6dd61afa33d873de137d21999ac8eee17f1c70a3
GET /c834303/v834303640/837de/rFa45evhyxY.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 11743
last-modified: Fri, 12 Jan 2018 22:35:08 GMT
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c636017/v636017094/2053f/y4dJiZWD188.jpg?ava=1
87.240.137.137200 OK 8.5 kB URL HTTP/2 pp.userapi.com/c636017/v636017094/2053f/y4dJiZWD188.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 1217e77273c853b49988d5364b8a7a84
5ddc05ded07117b9d909d97880fdeecf9cdbd9f2
767da781fe013e58e40389c1e0c9f970af5c672fb545a82d77d0c2683a551032
GET /c636017/v636017094/2053f/y4dJiZWD188.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 8490
last-modified: Thu, 18 Aug 2016 08:08:53 GMT
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c851328/v851328617/1300a0/-6pcbsCkBV4.jpg?ava=1
87.240.137.137200 OK 12 kB URL HTTP/2 pp.userapi.com/c851328/v851328617/1300a0/-6pcbsCkBV4.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 113ed1e12d267373bc7165dd43d2874d
7dc6259b31d87844e981a833079107d445b04b4f
4d215980822d00eac540b144287d4963223a2201c46008c66a96e3ab0b44d057
GET /c851328/v851328617/1300a0/-6pcbsCkBV4.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 12349
last-modified: Sat, 01 Jun 2019 19:40:37 GMT
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c836131/v836131893/3dbc/rM31jtMPQeo.jpg?ava=1
87.240.137.137200 OK 12 kB URL HTTP/2 pp.userapi.com/c836131/v836131893/3dbc/rM31jtMPQeo.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x300, components 3\012- data
Hash 1815c13ed392857117402e56e70f1d97
9d11a2402e7926f56990ea4f6558b9ae1428f340
0a5cb0fad7b61743ef8b711e895200b595cf1b41238496fdf9546353ceef5e9f
GET /c836131/v836131893/3dbc/rM31jtMPQeo.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 11715
last-modified: Sun, 02 Oct 2016 20:26:26 GMT
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c5120/u98913860/a_3c510fcd.jpg?ava=1
87.240.137.137200 OK 12 kB URL HTTP/2 pp.userapi.com/c5120/u98913860/a_3c510fcd.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 200x186, components 3\012- data
Hash 5450f9f80f22a7352976aad7c436f583
26660fd9bc123e7e2d3561f3e8d119b18bee2714
280013fdd7d8d8b4a95505d558b625722e40c6fad6558dd2dbd7916bd43637b9
GET /c5120/u98913860/a_3c510fcd.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 11494
last-modified: Thu, 26 May 2011 18:37:59 GMT
etag: "4dde9e07-2ce6"
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/1zXHKoX__oHD0zFaTDVJOAz_J0V12bQ9WsAvDw/TRU-UZILQFA.jpg?ava=1
87.240.137.137200 OK 34 kB URL HTTP/2 pp.userapi.com/1zXHKoX__oHD0zFaTDVJOAz_J0V12bQ9WsAvDw/TRU-UZILQFA.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x204, components 3\012- data
Hash 7c478721c3954aea3f2e7768e531cdb8
33bf54954988dadefb78dfbc0babcf2cfea5823a
e77075f0caef49dde7dd910e0da41c91ef912c77cd81d320afd65646993a29d2
GET /1zXHKoX__oHD0zFaTDVJOAz_J0V12bQ9WsAvDw/TRU-UZILQFA.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 33498
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
request-id: 7411879a-d9bf-4d42-928b-cb27ce14ea7a
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c10506/u144023376/a_2502ec1c.jpg?ava=1
87.240.137.137200 OK 18 kB URL HTTP/2 pp.userapi.com/c10506/u144023376/a_2502ec1c.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 200x219, components 3\012- data
Hash a063df385c6d1177dab1657d104f2411
0b8222b5f44e8c3c253b801b55b180f74267e941
2145ae275b07f71a0b53223d057a11d136ca6eab0b96183060f1e95b559791a6
GET /c10506/u144023376/a_2502ec1c.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 17760
last-modified: Wed, 17 Aug 2011 04:15:08 GMT
etag: "4e4b404c-4560"
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/qEqOBCztirt728uF6zkJ1jk4ZpPYZkE2A11bKw/OtCJDwqvEgc.jpg
87.240.137.137200 OK 16 kB URL HTTP/2 pp.userapi.com/qEqOBCztirt728uF6zkJ1jk4ZpPYZkE2A11bKw/OtCJDwqvEgc.jpg
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 4915x4915, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 55727fdc3464d4b2d6affa98f542aaae
d5ff2a848113ebd076545c277f66bea3b074ba9b
70a04afd372efe1e12a90b48befa2d7dacca831ae49d6f9f10c33e05a38a4f0b
GET /qEqOBCztirt728uF6zkJ1jk4ZpPYZkE2A11bKw/OtCJDwqvEgc.jpg HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://compsennausupu.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 16149
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
request-id: 20ef0220-1c06-4b95-97f7-c7f40d155fb3
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/VWfqGdHQX0yjMwh58jpDpW5FM4x1O-uOs_W68A/bMipBTWZ_sU.jpg
87.240.137.137200 OK 22 kB URL HTTP/2 pp.userapi.com/VWfqGdHQX0yjMwh58jpDpW5FM4x1O-uOs_W68A/bMipBTWZ_sU.jpg
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 4e46f637447bd6219dc602f1db24255a
b194602511439b2facc826f29971d2e42d5bcf4f
928f88a8a11b1fec7b2dd29727263e8ca4ac00b5bb0ccf5fe6b2d3be881caab9
GET /VWfqGdHQX0yjMwh58jpDpW5FM4x1O-uOs_W68A/bMipBTWZ_sU.jpg HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://compsennausupu.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 21798
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
request-id: cc09403e-8ab1-4aa6-b113-08f7a046740c
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/0tomcCqsmnvIoWXtqQ0oh0RsI7_ufIPalY1dhA/XSHq7x-LCyI.jpg
87.240.137.137200 OK 1.9 kB URL HTTP/2 pp.userapi.com/0tomcCqsmnvIoWXtqQ0oh0RsI7_ufIPalY1dhA/XSHq7x-LCyI.jpg
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 862fc22714936eb5dea3faa36eaa9d88
c413a006ea2e569b2d4b1a05c7d00ff2b5083697
43943e557e935a8f6dfa1cb1c9f4607e49311f0a024846eefa8864269e58d38c
GET /0tomcCqsmnvIoWXtqQ0oh0RsI7_ufIPalY1dhA/XSHq7x-LCyI.jpg HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://compsennausupu.ga/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 1914
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
request-id: c28d88b4-2ed4-4d86-9082-628cc546e19a
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
sun1-22.userapi.com/c837430/v837430190/67343/PpkX3-pMqI8.jpg?ava=1
95.142.204.158200 OK 7.4 kB URL HTTP/2 sun1-22.userapi.com/c837430/v837430190/67343/PpkX3-pMqI8.jpg?ava=1
IP 95.142.204.158:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x203, components 3\012- data
Hash 53b0bc3cbe86d132813f4861aeff4250
3294f07bc5a0b61e8ade26570beb04d8b0373def
f18eac8de3f61e1e0e98ab552b102700e9d3c54702af482f3744e5878f9beb8f
GET /c837430/v837430190/67343/PpkX3-pMqI8.jpg?ava=1 HTTP/1.1
Host: sun1-22.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
content-length: 7421
last-modified: Fri, 20 Oct 2017 09:39:54 GMT
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front1-22
access-control-expose-headers: X-Frontend
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
strict-transport-security: max-age=15768000
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
compsennausupu.ga/ru/lukoil-bonus/favicon.ico
104.21.86.105200 OK 636 B URL HTTP/1.1 compsennausupu.ga/ru/lukoil-bonus/favicon.ico
IP 104.21.86.105:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash ecb1161d0f9a6c9e6982b9ecc08b62d8
502c72d3d74f3e612be51dd80bf3229dde0d62a1
e6cfbe2530dbab14115350dbcc4965e66603fd9f2fb69c88ba9634fb466fcb2a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /ru/lukoil-bonus/favicon.ico HTTP/1.1
Host: compsennausupu.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://compsennausupu.ga/ru/lukoil-bonus/
Cookie: timer=161341; PHPSESSID=u8g3s4780p2c90jf6umh7pumbd
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:20:37 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:40 GMT
ETag: W/"5ee24448-47e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLJkGOtaXE%2BCrzDgp63VWGq3i5AXfN8k7sRgRn8dj88wVapu845hmob2T5T4YOaPzwpZzoAPUspW2u36YGkQd0vKVyS0MNwG8cMPrDUCIo8%2BUNlQ3xhGjst%2FQrB6EjuFE%2BOZSw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c49acdc73b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
pp.userapi.com/c848732/v848732920/18919d/YSNIWV6uDfo.jpg?ava=1
87.240.137.137301 Moved Permanently 20 kB URL HTTP/2 pp.userapi.com/c848732/v848732920/18919d/YSNIWV6uDfo.jpg?ava=1
IP 87.240.137.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x300, components 3\012- data
Hash 90618bc3c059d98bf468367dd5548878
9ada5e3becdcd7d50bbf91fea7c9995b4397b342
a811c857bd6932762e2d7c4c1dabb148aced0eea9887769b0c31ef648535210d
GET /c848732/v848732920/18919d/YSNIWV6uDfo.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: kittenx
date: Sun, 05 Feb 2023 14:20:40 GMT
content-type: image/jpeg
location: /dGyuZQ9Q-JpbUVyBdLOmPxELlayZxrnZBzpocw/C28UUYxVdao.jpg
expires: Tue, 07 Mar 2023 14:20:40 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
X-Firefox-Spdy: h2
pp.userapi.com/c846324/v846324005/1e0ea7/2ThiLiaJIRU.jpg?ava=1
87.240.137.137301 Moved Permanently 0 B URL HTTP/2 pp.userapi.com/c846324/v846324005/1e0ea7/2ThiLiaJIRU.jpg?ava=1
IP 87.240.137.137:0
GET /c846324/v846324005/1e0ea7/2ThiLiaJIRU.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
location: /qEqOBCztirt728uF6zkJ1jk4ZpPYZkE2A11bKw/OtCJDwqvEgc.jpg
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
X-Firefox-Spdy: h2
pp.userapi.com/c847019/v847019473/1bea49/9NSXfX6Z8bw.jpg?ava=1
87.240.137.137301 Moved Permanently 0 B URL HTTP/2 pp.userapi.com/c847019/v847019473/1bea49/9NSXfX6Z8bw.jpg?ava=1
IP 87.240.137.137:0
GET /c847019/v847019473/1bea49/9NSXfX6Z8bw.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
location: /VWfqGdHQX0yjMwh58jpDpW5FM4x1O-uOs_W68A/bMipBTWZ_sU.jpg
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
X-Firefox-Spdy: h2
pp.userapi.com/c852032/v852032209/c4ff7/VwMNPPmrDkk.jpg?ava=1
87.240.137.137301 Moved Permanently 0 B URL HTTP/2 pp.userapi.com/c852032/v852032209/c4ff7/VwMNPPmrDkk.jpg?ava=1
IP 87.240.137.137:0
GET /c852032/v852032209/c4ff7/VwMNPPmrDkk.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://compsennausupu.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: kittenx
date: Sun, 05 Feb 2023 14:20:37 GMT
content-type: image/jpeg
location: /0tomcCqsmnvIoWXtqQ0oh0RsI7_ufIPalY1dhA/XSHq7x-LCyI.jpg
expires: Tue, 07 Mar 2023 14:20:37 GMT
cache-control: max-age=2592000
x-frontend: front632902
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
X-Firefox-Spdy: h2