r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15364
Expires: Sun, 05 Feb 2023 01:48:56 GMT
Date: Sat, 04 Feb 2023 21:32:52 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4495
Expires: Sat, 04 Feb 2023 22:47:47 GMT
Date: Sat, 04 Feb 2023 21:32:52 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12113
Expires: Sun, 05 Feb 2023 00:54:45 GMT
Date: Sat, 04 Feb 2023 21:32:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 20:36:15 GMT
content-type: application/json
age: 3397
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LpQnMjF5yNbxcjK73gOssVz7CqBIRp9W1b8HSeMyzfjtCVNcKEmKnl0x90T09fxbDbl4s0yvtyA=
x-amz-request-id: Q3KNVP95853JVSAP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 20:52:58 GMT
age: 2394
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 21:32:53 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.42 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://runsgravepov.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:05:01 GMT
expires: Wed, 31 Jan 2024 09:05:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 390472
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
runsgravepov.ml/ru/ozon/
188.114.96.1 200 OK 21 kB IP 188.114.96.1:0
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (6516), with CRLF line terminators
Hash b60e5346a6c823169a739489471620b8
2d51ecae952bceace1b96bcb342192f99f2a30c9
833920540da21d536af625fe683ff29025bbf244153282e7e33d734cf81a9240
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/ HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2d822eizGliFhQu9bnVKL3nvDQ07vEjksdlC5VYTN8Job93DiEc%2FDIKU1zA8aE8X1SsbiaEQuKqyUfV9HdXMU3PejOTlubAckXhxXGiyyFBd0Ra2BRybny1mze1sqX3KoY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7946857d2ba6b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/css/modal.css
188.114.96.1 200 OK 899 B URL HTTP/1.1 runsgravepov.ml/ru/ozon/css/modal.css
IP 188.114.96.1:0
File type ASCII text, with CRLF line terminators
Hash d8cbec13ee9a297c4a412700826c314e
9481f7f3e6dc02f22ac475b88e05a0935cf68a68
3bf483e26f467d23aef714bb3879a1de456d0b01402025b91684148e86cc508d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/css/modal.css HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: W/"62bcb52e-bb0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITYnVrRrgv9WGT5LN83dP7vCrpOTplmQfc%2FDrvi9wVZx0fwpXX%2F1X30hsiA537i1UGk8j0y1%2BVakVnZgYf0qkSMCD57vfplRFe1t2FOlWR5N7cK5x2VDymY42foqho15NDc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685800e30b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/css/normalize.css
188.114.96.1 200 OK 1.7 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/css/normalize.css
IP 188.114.96.1:0
File type ASCII text, with CRLF line terminators
Hash 52f22fe52d8bd6688e26b047ec79a4ef
86caf8748ebb55a2b9fb73fe9bca1b663cd46442
f442c79d3c062e025d92d4eb8ba71a9429f442bc7183127bbaa55117ac8be444
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/css/normalize.css HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: W/"62bcb52e-1957"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvOLmV8ZyJRlNumeDvOaUjSNlnnhZMcdDpfc3PKA6q3eiLipyGC1%2BeteujcJXiHplobf6P9Usba082PoMaddiWnHakCi0z5eO8oKxwwvi4FL2CyjtR63EHNkEVs5qfjuDVc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946857ffe2cb4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/css/loader-default.css
188.114.96.1 200 OK 611 B URL HTTP/1.1 runsgravepov.ml/ru/ozon/css/loader-default.css
IP 188.114.96.1:0
Hash 08f46af30aa09156242ed093a4715f94
bfc5b363a1c2d5d60e89fd78ea424d597e0db1c6
cb554400e3dfc4b053a80d2d4085a7d0bb44e3c5062168449c227ffba99c7c60
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/css/loader-default.css HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:16 GMT
ETag: W/"62bcb52c-5b7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvM44oitNxbxLTdogLgYr3diApLpAqcmFuO6gx%2F3a4GiRMx0YQmRvSdeoaNIVwxHOW2VH3i6TdMl%2FCRpozoKUjxQqXE2udpeaEJKPK2gURZjOq98dxYdrFf%2Bdd3KYuE9mQk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685800aa6b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 20:49:07 GMT
age: 2626
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11068
Expires: Sun, 05 Feb 2023 00:37:21 GMT
Date: Sat, 04 Feb 2023 21:32:53 GMT
Connection: keep-alive
runsgravepov.ml/ru/ozon/fonts/GT-Eesti-Pro-Display-Medium.woff2
188.114.96.1 200 OK 57 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/fonts/GT-Eesti-Pro-Display-Medium.woff2
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), CFF, length 57012, version 1.262; data
Hash e61fa027b3fad746e99939f3e2852522
518774075ee691884b8b8933c70a93b03afdb0db
842eecfed91c885c848d53c2584aecaa0422aa972155e94696c1dc8d3450f13d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/fonts/GT-Eesti-Pro-Display-Medium.woff2 HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:53 GMT
Content-Type: application/octet-stream
Content-Length: 57012
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-deb4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddzouz1I4RZXVgsmmmonMRxQEj5lQlvg49e7XoI%2BrzjbwH660ikJW5p%2BwR8pJSS49jdrAt8z2Adf%2F6sIigychxbNhRNVyDJ1nvhGvqekjDbWId0J0xS%2BUeaR2kOlEnD5FXc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685800bcb0b55-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/fonts/GT-Eesti-Pro-Text-Book.woff2
188.114.96.1 200 OK 46 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/fonts/GT-Eesti-Pro-Text-Book.woff2
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 45960, version 1.0; data
Hash dbb03b152cf1af1a55be15e9ab77456a
b818c238fa709634973b75ab401667936c0d34e3
3ffc6b9c5850a4c799b81fbfb4816159e5d51c8d110d763e67dce0d4201aa0d3
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/fonts/GT-Eesti-Pro-Text-Book.woff2 HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:53 GMT
Content-Type: application/octet-stream
Content-Length: 45960
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-b388"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDN8EFEzqh7tFy0XxeA8QtGfXKwBju0BK8A5qit1Kgt%2Fwpi56QbQ1yr47%2B527E8PZ4VAWcTwG4OJn59g3DNffJnW0D8CYJQWrI2FFFjMD76lb94NvBSpvEnEhCnHqOx2Qfs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858178cdb505-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/css/index.css
188.114.96.1 200 OK 44 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/css/index.css
IP 188.114.96.1:0
File type troff or preprocessor input, ASCII text, with very long lines (550)
Hash 12c2fc843192c033e45996b78d9af701
23435d0baa58636054d8030830bf5cd3608b074e
d122f2b7e15bbe44494acfd18b4874876303e6bd1c76d9714beabfeeb11269e3
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/css/index.css HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:53 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 07:58:09 GMT
ETag: W/"62c29d91-47679"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lWqPeBp84aAczvn9odinaTMOvBT5dS09IQolCTbRa2KeLLJlYnQq%2FZZDiruqI2SuG%2BAp2Z9mbmEiVaM5w7%2FiWCBFxdySwcyhYuVb6SjWc1ux8t6sQ5N2FeaUFLgmC44Dm0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685800cf60b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
34.215.55.199 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.55.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oU93ve6HnLqC3xSBb6MUhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NMXe3RiOw8apBMm+PTp7h9Nr4dA=
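The push.services.mozilla.com record above is a complete WebSocket upgrade: the client sends a random 16-byte Sec-WebSocket-Key and the server must answer with a Sec-WebSocket-Accept derived from it. The check below is an added example (not part of the capture or of Mozilla's code) that recomputes the accept value per RFC 6455 and validates the rest of the handshake the way a client has to before trusting the socket. The request and response header blocks are copied from the record above; the helper names are the example's own.

```python
import base64
import hashlib

# RFC 6455 section 4.2.2: the fixed GUID the server appends to the client's key before hashing.
WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"

# Copied from the push.services.mozilla.com record in the capture (request and response heads).
CAPTURED_REQUEST = """\
GET / HTTP/1.1
Host: push.services.mozilla.com
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oU93ve6HnLqC3xSBb6MUhw==
Connection: keep-alive, Upgrade
Upgrade: websocket
"""
CAPTURED_RESPONSE = """\
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NMXe3RiOw8apBMm+PTp7h9Nr4dA=
"""


def expected_accept(client_key: str) -> str:
    """Sec-WebSocket-Accept a compliant server must return for this Sec-WebSocket-Key."""
    digest = hashlib.sha1((client_key + WS_GUID).encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")


def _headers(raw: str):
    """Return (first line, {lowercased name: value}) for a raw HTTP/1.1 message head."""
    first, *rest = raw.strip().splitlines()
    hdrs = {}
    for line in rest:
        name, _, value = line.partition(":")
        hdrs[name.strip().lower()] = value.strip()
    return first, hdrs


def _has_token(value: str, token: str) -> bool:
    """Case-insensitive membership in a comma-separated header value such as 'keep-alive, Upgrade'."""
    return token in [t.strip().lower() for t in value.split(",")]


def check_handshake(request_raw: str, response_raw: str) -> dict:
    """Validate a captured upgrade as a client must (RFC 6455 section 4.1); every item should be True."""
    _, req = _headers(request_raw)
    status, resp = _headers(response_raw)
    key = req.get("sec-websocket-key", "")
    try:
        key_ok = len(base64.b64decode(key, validate=True)) == 16
    except ValueError:  # binascii.Error is a ValueError subclass
        key_ok = False
    offered = [p.strip() for p in req.get("sec-websocket-protocol", "").split(",")]
    checks = {
        "status_101": status.startswith("HTTP/1.1 101"),
        "upgrade_websocket": resp.get("upgrade", "").lower() == "websocket",
        "connection_upgrade": _has_token(resp.get("connection", ""), "upgrade"),
        "key_is_16_random_bytes": key_ok,
        # The accept value binds this response to this request's key; a replayed or
        # forged 101 from a middlebox that did not see the key cannot produce it.
        "accept_bound_to_key": resp.get("sec-websocket-accept", "") == expected_accept(key),
        # A server may pick at most one subprotocol, and only one the client offered.
        "subprotocol_offered": resp.get("sec-websocket-protocol") in (None, *offered),
    }
    checks["ok"] = all(checks.values())
    return checks
```

The server in the capture did not echo a Sec-WebSocket-Protocol, which is allowed; the check only fails if the server names a subprotocol the client never offered. Flip one character of the captured accept value and `accept_bound_to_key` turns False while every other field still looks like a healthy handshake, which is why the key/accept binding is the check worth automating.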
runsgravepov.ml/ru/ozon/naushniki_apple_airpods_pro_2nd_generation/50173295bb.webp
188.114.96.1 200 OK 12 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/naushniki_apple_airpods_pro_2nd_generation/50173295bb.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1300x1302, Scaling: [none]x[none], YUV color, decoders should clamp; data
Hash cb79abc2036b70178119ff3f45d66104
50beb28b0a0c2a3ddb701e8b21150ab4ff47c8f1
3240ee8c14ccaeb077a27f0a19d6eb9a0f39ee32e9ea9fd56f745670160ea36c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/naushniki_apple_airpods_pro_2nd_generation/50173295bb.webp HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:54 GMT
Content-Type: image/webp
Content-Length: 12172
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 10:47:55 GMT
ETag: "6332d4db-2f8c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvidN4N1luYHx0IvERLdexoZaXicjm3z48aVgoi3qM%2FxYgFi4TqNpPln4nGscQ5IIbKwLAoeJkiv3CMMljJko1DsVOAH4z8Vb2bLdB64jKLJ1S7yVlBTrjwPw9VQAZtd3q0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685853d65b4fa-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/xiaomi_redmi_note_10/s3/multimedia-k/wc1200/6022663964.jpg
188.114.96.1 200 OK 31 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/xiaomi_redmi_note_10/s3/multimedia-k/wc1200/6022663964.jpg
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image; data
Hash 68cb795fe4294648a0eb4f7ff3150935
da702e10d91634d3a96013ba0f8ee0e448005c05
a16c11bc49e79f9abc3b672a47f8a19ec70d713fd6076640049dc53121a415d3
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/xiaomi_redmi_note_10/s3/multimedia-k/wc1200/6022663964.jpg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:54 GMT
Content-Type: image/jpeg
Content-Length: 30736
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-7810"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NLMBX23eawDhvaCutMjkTTWI%2Fx9iScaTjEPG6gP0WMx1Ef6jn4g54hIJp%2FWTaJQph9GBfragc2HuWl83ZBAM4%2Bv1dDgfNYtWFl9gwMHEteaixyxiWudpNPIWpMeDlDAh0o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858539610b3d-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/besprovodnye_naushniki_apple_airpods_3_go_pokoleniya/6291432332.webp
188.114.96.1 200 OK 11 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/besprovodnye_naushniki_apple_airpods_3_go_pokoleniya/6291432332.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image; data
Hash ebac40efcbe2aceb79c87698e8022765
1abb2a88f690175c49faedecbc1b529e3a411192
4fdfa32b2f8d445a4b118963e5c5aca071d2dacea3bad4543c07c8b935cd995d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/besprovodnye_naushniki_apple_airpods_3_go_pokoleniya/6291432332.webp HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:54 GMT
Content-Type: image/webp
Content-Length: 10602
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 05:47:24 GMT
ETag: "6335316c-296a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCkIYmYy3Cv678%2BvkatBsqmS8g6BuLIGZYdhdZyY8G2BOSYhp%2FGzoSoWzjkENIDK90usWf9sEP4w3sJD%2Fbgd4Ar6PXCQyktRSCCMpT3Ufbd9eFY77iR7OIYp0mLl1yBZekM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685853e5ab521-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/img/ps5.jpg
188.114.96.1 200 OK 30 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/img/ps5.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 600x600, components 3; data
Hash 6384c61a46fa1268a0c4def30bf2f9bb
a9e98352e047dffcb107882f482f34bcbf9c1f49
01dccf5ab9866da8fb4d28284296c5b0af4f60e4c955a34af17d0a69cee0b0d0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/img/ps5.jpg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:54 GMT
Content-Type: image/jpeg
Content-Length: 29457
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-7311"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yF2lNlChypKRHJrm%2Bm9iWJDl%2BSOnBa0qvADoQ3uZ3CYbYyLLdFyXGGbP4hqNcww3qvFs5N%2FsWIdD%2Fkkws0joyhgmgbxSpQCG2b1SP9vkOG%2BFeJuvYFgR%2BkOlZSsM%2BvEhEPI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685853d66b4fa-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/smartfon_realme_gt_master_edition_8_256gb_voyager_grey/6120154067.webp
188.114.96.1 200 OK 87 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/smartfon_realme_gt_master_edition_8_256gb_voyager_grey/6120154067.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image; data
Hash c1c938cfce6f968e2930b5372cbbbfd1
ed45739fd91b97f948d71c8dde66476bda72d239
2dd3d1e6906017e1a7e2d81a83fbeb178548ece5afc71d30ee6e9090c40a3dc0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/smartfon_realme_gt_master_edition_8_256gb_voyager_grey/6120154067.webp HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:54 GMT
Content-Type: image/webp
Content-Length: 86676
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 07:41:54 GMT
ETag: "63369dc2-15294"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ib8tmfcm2Zj%2BCTxjb5S%2Bao4ykobMxCMnar7Eblf84UfPVW2N%2FkL8CbcWPk5q1oNRboo692AwaWWNJSuEXBMNANhlNZr31veooTYz%2FcSJrg20v0KG%2FY8sH2klxajx2C2xlb0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79468585389b0b55-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/graphics/test/fonts/GT-Eesti-Pro-Display-Medium.woff2
188.114.96.1 200 OK 57 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/graphics/test/fonts/GT-Eesti-Pro-Display-Medium.woff2
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), CFF, length 57012, version 1.262; data
Hash e61fa027b3fad746e99939f3e2852522
518774075ee691884b8b8933c70a93b03afdb0db
842eecfed91c885c848d53c2584aecaa0422aa972155e94696c1dc8d3450f13d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/graphics/test/fonts/GT-Eesti-Pro-Display-Medium.woff2 HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:54 GMT
Content-Type: application/octet-stream
Content-Length: 57012
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-deb4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIBfZbeRVVNwkjRRZWEE2gAVHTcUDIcEaHtFCU4lpM8BGAzAg2LZhAlF6I8roYUv0YG5KH3HoaFdtbqkUvjSrAwzsTbErhIT5KFwqAbKUHEc%2Fo4RXL%2BgFxYmxnGcwBW5enM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79468586df64b4fa-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/s3/cms/2e/taa/24x24_topfashion_desktop.svg
188.114.96.1 200 OK 726 B URL HTTP/1.1 runsgravepov.ml/ru/ozon/s3/cms/2e/taa/24x24_topfashion_desktop.svg
IP 188.114.96.1:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (1359)
Hash 0726ac4ed40c2d287553013573f89fb9
99343ef4325008e56202bf0b49fc2f027b340dc3
d1bac6956bd2af3bb88431d5af115a8a93a079a89a63f96a079d115b85e9ecbd
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/s3/cms/2e/taa/24x24_topfashion_desktop.svg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: W/"62bcb52e-5b7"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng5K36S7mLRMtUxaY83T2lI2PsCPE3ubpkrtSaAwU7XdfXobMhG624laloFLLr%2FZhVoZ6z1wHttmoJpoMa%2FjG9olNf1RmywsHXj8cnUljPlBsnyjLV9100aLWVd6eids0Bk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79468588da09b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/Apple_AirPods/s3/multimedia-k/wc1200/6022663964.jpg
188.114.96.1 200 OK 176 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/Apple_AirPods/s3/multimedia-k/wc1200/6022663964.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1400x1400, components 3
Size 176 kB (175455 bytes)
Hash 01c4bbaeba97a683da5533149c0187f0
ae7d3a37b701352874f928ba05662ec4a64905e3
0fb2707513c632b309f57e43101d7af3cb60a8fdfcce74d8dcfc4fcd1b546314
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/Apple_AirPods/s3/multimedia-k/wc1200/6022663964.jpg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:54 GMT
Content-Type: image/jpeg
Content-Length: 175455
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:16 GMT
ETag: "62bcb52c-2ad5f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozx7jFD%2Bk5eT1V3LR1FPqtSFTwCu43bOmuCFdC3uh08cSsMp437FqKyvbCnVvp5OZ%2FKbx6LNY03fN3QkXQKsqH3mUap52jxi0Dp6A2W2gzrH9ExChXr1k4bckN2SlMhFwLQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685853d82b505-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/smartfon_xiaomi_redmi_9a_2_32_gb_seryy/6019317889.webp
188.114.96.1 200 OK 11 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/smartfon_xiaomi_redmi_9a_2_32_gb_seryy/6019317889.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image
Hash 3d9b9433b6cecf4262df56b1989e8770
e5333aedef50cf9f73d93dbff63d41849d076784
c673d5fbbe115be48411af4656aa6ad1721577cdec38104a33d2a0c7cd05e531
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/smartfon_xiaomi_redmi_9a_2_32_gb_seryy/6019317889.webp HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/webp
Content-Length: 10900
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 07:28:35 GMT
ETag: "63369aa3-2a94"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJy0B8gI3qchJjK7GrUXoWrMKPWWMQMefTwvz8%2FvejroSNSJSgCPvMsinYkBz9NVPG%2FPU0XschwcJYNNlSAEBwZXv8IT85LOc%2BbtNbZQ7zZH0onmS0XeP%2FAwkujIgLYtji0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858a5c0db4fa-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/graphics/test/fonts/GT-Eesti-Pro-Text-Book.woff2
188.114.96.1 200 OK 46 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/graphics/test/fonts/GT-Eesti-Pro-Text-Book.woff2
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 45960, version 1.0
Hash dbb03b152cf1af1a55be15e9ab77456a
b818c238fa709634973b75ab401667936c0d34e3
3ffc6b9c5850a4c799b81fbfb4816159e5d51c8d110d763e67dce0d4201aa0d3
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/graphics/test/fonts/GT-Eesti-Pro-Text-Book.woff2 HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: application/octet-stream
Content-Length: 45960
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-b388"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCjdt3ZLMl1Qz4xwHFidQ1fDLE1wQvYg8GQ8AdCeF7lMACueliU8eM9Ibjv9eBLlpTYfqeavqE20E8PDlfkxV%2FB5RNcbjPoAy9%2BZV95pGbQywiz9LOJYtxJqkDCbR8S84X4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79468587bbff0b3d-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/s3/cms/07/tcb/ic_m_status_points3x.svg
188.114.96.1 200 OK 619 B URL HTTP/1.1 runsgravepov.ml/ru/ozon/s3/cms/07/tcb/ic_m_status_points3x.svg
IP 188.114.96.1:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (1142)
Hash c8ba57da36b25ae58d361910e9720a81
52cd9b1c536662fd7475c2413935853551af094c
4a380d7c66a566d4b353f37c0320255109472858953aded9c5a541f674d2ed43
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/s3/cms/07/tcb/ic_m_status_points3x.svg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: W/"62bcb52e-4de"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWdRAyCF9uXn2amGtdzRfddTW9wugm%2BWGr04fNJMhLw4a1L6ej8wCKI2aRgsImciPbtYcJekihUgTRfnALXg3IeO1pnWzLjH1CLWmHdEL8UKdni2L2OicwRZfDFSudG2gsY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685898c8e0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/css/graphics/test/fonts/GT-Eesti-Pro-Text-Book.woff2.html
188.114.96.1 200 OK 46 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/css/graphics/test/fonts/GT-Eesti-Pro-Text-Book.woff2.html
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 45960, version 1.0
Hash dbb03b152cf1af1a55be15e9ab77456a
b818c238fa709634973b75ab401667936c0d34e3
3ffc6b9c5850a4c799b81fbfb4816159e5d51c8d110d763e67dce0d4201aa0d3
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/css/graphics/test/fonts/GT-Eesti-Pro-Text-Book.woff2.html HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/css/index.css
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxp8TVn839kZ9JeME3NIBBf7zWQvuMPIoh%2BYMBec%2BZAPj9nbMcibU6TaEEbrcbuB5qWM8nUQn116NS4gmb9RnvZz4VGFQOEhgD9ZI40kPLgFZv2OxDqdsAg0rHtR0%2BLEf5M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79468587bc57b521-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/s3/cms/29/t51/2832x600_sonic_new.png?t1675546372
188.114.96.1 200 OK 19 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/s3/cms/29/t51/2832x600_sonic_new.png?t1675546372
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image
Hash c66904002b394a91dd0adea07afe06b6
097fbcf93b6b9b4d90e5db8f76dafdfe16c97c4b
e88837063bc91319d17c0c51260617950688a2fc96d880d2d8e9f543ba84cfdb
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/s3/cms/29/t51/2832x600_sonic_new.png?t1675546372 HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/png
Content-Length: 19058
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 06:16:58 GMT
ETag: "63805dda-4a72"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApqiD44xHHjB7PqBPZuEgDVUk0BTHp9V1%2BA17794Q5VmntcHTRpETQ81oDltHeIYveFu3AuYp8Ud7tMlOAChDgipUaV9mJkBtQdpKXqkc4uSGTTr6%2BUeUEViQVesOB6olto%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858a5c0cb4fa-OSL
alt-svc: h2=":443"; ma=60
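Two responses in this capture declare a media type their bodies cannot have: the .woff2.html URL is served as text/html but identified as a WOFF2 font, and the .png?t URL is served as image/png but identified as a WebP image, while the other two fonts go out as application/octet-stream. The checker below is an added example, not part of the sandbox report or of any tool it ran: it sniffs magic bytes, compares them with the declared Content-Type and the URL extension, and flags the free .ml TLD that the Suricata "ET INFO" alerts fired on. The sample records are constructed from the capture's URLs and headers with only the leading body bytes reconstructed (the bodies are not on the page); the TLD list beyond .ml, the table of acceptable declared types, and the shortened Pocket path are my assumptions.

```python
"""Declared Content-Type vs. body magic bytes for HTTP capture records.

Added example, not from the sandbox report above.  Sample records are
constructed; only the leading bytes of each body are reconstructed.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Assumption: free ccTLDs; .ml is the one the capture's NIDS alerts fired on.
SUSPECT_TLDS = {"ml", "tk", "ga", "cf", "gq"}

# Declared types treated as consistent with a sniffed type.  Assumption:
# WOFF2 as application/octet-stream (as in the capture) is a common
# misconfiguration, not evidence of deception, so it is allowed here.
ACCEPTABLE = {
    "font/woff2": {"font/woff2", "application/font-woff2", "application/octet-stream"},
    "font/woff": {"font/woff", "application/font-woff", "application/octet-stream"},
    "image/webp": {"image/webp"},
    "image/png": {"image/png"},
    "image/jpeg": {"image/jpeg"},
    "image/svg+xml": {"image/svg+xml"},
}

EXT_TYPE = {"png": "image/png", "jpg": "image/jpeg", "jpeg": "image/jpeg", "webp": "image/webp",
            "woff2": "font/woff2", "woff": "font/woff", "svg": "image/svg+xml", "html": "text/html"}


def sniff(body: bytes) -> Optional[str]:
    """Identify the body by its magic bytes; None if unrecognised."""
    if body[:4] == b"RIFF" and body[8:12] == b"WEBP":  # RIFF alone is also WAV/AVI
        return "image/webp"
    if body.startswith(b"\x89PNG\r\n\x1a\n"):
        return "image/png"
    if body.startswith(b"\xff\xd8\xff"):
        return "image/jpeg"
    if body.startswith(b"wOF2"):
        return "font/woff2"
    if body.startswith(b"wOFF"):
        return "font/woff"
    if body.lstrip().startswith((b"<svg", b"<?xml")):
        return "image/svg+xml"
    return None


def parse_headers(raw: str) -> dict:
    """'Name: value' lines after the status line, names lower-cased."""
    headers = {}
    for line in raw.splitlines()[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


@dataclass
class Finding:
    url: str
    declared: str
    sniffed: Optional[str]
    reasons: List[str] = field(default_factory=list)


def check_response(host: str, path: str, raw_headers: str, body: bytes) -> Finding:
    headers = parse_headers(raw_headers)
    declared = headers.get("content-type", "").split(";")[0].strip().lower()
    sniffed = sniff(body)
    f = Finding(f"http://{host}{path}", declared, sniffed)
    tld = host.rsplit(".", 1)[-1].lower()
    if tld in SUSPECT_TLDS:
        f.reasons.append(f"host in .{tld} TLD")
    if sniffed and declared not in ACCEPTABLE.get(sniffed, set()):
        f.reasons.append(f"Content-Type {declared!r} but body is {sniffed}")
    base = path.split("?", 1)[0].rsplit("/", 1)[-1]  # last path segment, query dropped
    ext = base.rsplit(".", 1)[-1].lower() if "." in base else ""
    expected = EXT_TYPE.get(ext)
    if expected and sniffed and expected != sniffed:
        f.reasons.append(f"URL ends in .{ext} but body is {sniffed}")
    return f


# Constructed records mirroring the capture (bodies: leading bytes only).
SAMPLES = [
    ("runsgravepov.ml", "/ru/ozon/css/graphics/test/fonts/GT-Eesti-Pro-Text-Book.woff2.html",
     "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nServer: cloudflare",
     b"wOF2" + b"\x00" * 28),
    ("runsgravepov.ml", "/ru/ozon/s3/cms/29/t51/2832x600_sonic_new.png?t1675546372",
     "HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nContent-Length: 19058",
     b"RIFF" + (19050).to_bytes(4, "little") + b"WEBPVP8 " + b"\x00" * 16),
    ("runsgravepov.ml", "/ru/ozon/graphics/test/fonts/GT-Eesti-Pro-Display-Medium.woff2",
     "HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream",
     b"wOF2" + b"\x00" * 28),
    ("img-getpocket.cdn.mozilla.net", "/296x148/filters:format(jpeg)/example.jpeg",  # shortened
     "HTTP/2 200 OK\r\ncontent-type: image/jpeg",
     b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"),
]


def run(samples=SAMPLES) -> List[Finding]:
    return [check_response(*s) for s in samples]


if __name__ == "__main__":
    for f in run():
        print(f.url, "->", "; ".join(f.reasons) or "consistent")
```

Run as a script it lists three reasons for each of the two mismatched .ml responses, only the TLD for the octet-stream font, and nothing for the Pocket thumbnail. Sniffing by magic bytes rather than trusting Content-Type or extension is what lets a proxy or sandbox spot files renamed to slip past extension-based allow-lists, and the RIFF check needs the "WEBP" form type at offset 8 because WAV and AVI share the RIFF container.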
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15349
Expires: Sun, 05 Feb 2023 01:48:44 GMT
Date: Sat, 04 Feb 2023 21:32:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15349
Expires: Sun, 05 Feb 2023 01:48:44 GMT
Date: Sat, 04 Feb 2023 21:32:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15349
Expires: Sun, 05 Feb 2023 01:48:44 GMT
Date: Sat, 04 Feb 2023 21:32:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15349
Expires: Sun, 05 Feb 2023 01:48:44 GMT
Date: Sat, 04 Feb 2023 21:32:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15349
Expires: Sun, 05 Feb 2023 01:48:44 GMT
Date: Sat, 04 Feb 2023 21:32:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 85491
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 84154
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 84143
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 83965
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 6a1fd567-b34d-4787-aa05-5b7db3fc51c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflRBHU4IAMFnsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c06-2d1ec3206d2ebeb4780a84b4;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUloQ6xaRWpnvMRh7kFvFIWhFotmILLZHfD_YK01RmrQ2vmYKVh46w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 03:08:59 GMT
age: 66236
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 84142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
runsgravepov.ml/ru/ozon/img/6084980780.jpg
188.114.96.1 200 OK 5.2 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/img/6084980780.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 138x200, components 3
Hash 11620bfa1a792b896fd90b0671024955
398de7de5ec51154fa45acfb77e1b0bbf959d26e
67d8e05440bca4f2cbfe3f181c304fb6612180cbe3d1f9504638d5b1f484fe27
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/img/6084980780.jpg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/jpeg
Content-Length: 5211
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-145b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FS869SIogFsDXYbCVc%2BQhHyPKKzc5U43PAF8DaBj%2FEfG0r4Yv2bqbh0V6UASrLo8t4p9YZwLtnuj%2BRTwB%2FB%2BChBYPIFfIL7%2B9wjagW2IeUHWxqzLYcHv2npUZUqeWzGRW0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858bff860b3d-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/img/6064765103.jpg
188.114.96.1 200 OK 8.1 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/img/6064765103.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3
Hash MD5 db024f64bda4adf1db5c49ae978977b0
SHA-1 535679fd4823f46b374fefff7c068d7b7b298965
SHA-256 64958d045f954d3bddb10de15a1e27c7efb6015749331c6ae23b975692bb3b9b
NIDS: suricata, Severity: medium, Alert: ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/img/6064765103.jpg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/jpeg
Content-Length: 8062
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-1f7e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InLG6u53GPou4%2BfbF7cpcQ9P%2F6iKsfyQZzZFcjUqRC%2BeQRhxX%2BUsV9OOBEa8ejHYVJ6P2u3KlHKVzp%2BpJr6%2BWD%2FxeAPflA8ryF%2FOnhgLMnexjZvLvmgRhrZsGb5fqOBPQEA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858bfeb60b55-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/img/6019476626.jpg
188.114.96.1 200 OK 4.8 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/img/6019476626.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3
Hash MD5 c287b29c6775ee1a4fbb154eb042db10
SHA-1 8490a0f7250a11cbb75e722736f46f97e025eb19
SHA-256 53c9891b0fa84509f23d511733c9c0d54d4892d9111d80434dd0c90a7e807603
NIDS: suricata, Severity: medium, Alert: ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/img/6019476626.jpg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/jpeg
Content-Length: 4842
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-12ea"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajOFZ%2BSoLO%2Bl4MYRz9RjIvTYryNhG27HSOl8jdiIxT0eWq3mUF%2B6L%2BLskheHN5A3v0oj8%2FESI%2FYrDAnTRoVjoQ41g34b9pluKEQVnOts9WLOsRMkYxK8SK%2BIVnbBZS63jCQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858c0e5ab521-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/xiaomi_redmi_Note_9/s3/multimedia-k/wc1200/6022663964.jpg
188.114.96.1 200 OK 120 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/xiaomi_redmi_Note_9/s3/multimedia-k/wc1200/6022663964.jpg
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 573x1200, Scaling: [none]x[none], YUV color, decoders should clamp
Size 120 kB (119958 bytes)
Hash MD5 6e2e2f0a87feb76c6d2e9f150bd02188
SHA-1 3c0699698ef082404ab566338ae35d3202fed45d
SHA-256 9a31c3b40f5f401f9140399bd3e52c7284f1ce43acccfc875fa7cce6390a1570
NIDS: suricata, Severity: medium, Alert: ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/xiaomi_redmi_Note_9/s3/multimedia-k/wc1200/6022663964.jpg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/jpeg
Content-Length: 119958
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-1d496"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zydOpV7ECfe%2FNDVWqzcUp2FopDh6%2BkjUWMtO8NshOLAau2mXtMIphHbib7MN8bofAgJU6mpvZQaf%2BNMVxPZ7wG9MwBJOaFdmaQ6p0cK79ias64cEZVPQ8v0%2FVIC8%2BOrJDlw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858a7c23b505-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/css/css/fonts/GT-Eesti-Pro-Text-Book.woff2.html
188.114.96.1 200 OK 46 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/css/css/fonts/GT-Eesti-Pro-Text-Book.woff2.html
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 45960, version 1.0
Hash MD5 dbb03b152cf1af1a55be15e9ab77456a
SHA-1 b818c238fa709634973b75ab401667936c0d34e3
SHA-256 3ffc6b9c5850a4c799b81fbfb4816159e5d51c8d110d763e67dce0d4201aa0d3
NIDS: suricata, Severity: medium, Alert: ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/css/css/fonts/GT-Eesti-Pro-Text-Book.woff2.html HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/css/index.css
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEA6FoUTGuxDYej%2BU6Yf9QU28SW%2BkfVIurcIN%2Fx%2BfglDbc9zjwQKnkg7jPaMCCdPodpBunNw297x2RDagB6PgDXau89s88Sft%2BipEC2LXQEzbADeZq8VA0z4JN83HNkHdQs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7946858cdf29b4fa-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/img/6031325395.jpg
188.114.96.1 200 OK 8.0 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/img/6031325395.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3
Hash MD5 9104a72447f36811280995bce13c5c38
SHA-1 2be441353719397dde4bdecf1a33d227a8183a11
SHA-256 5c9f948666c8605a0a37cf318d501e03538743d0508216a57ff082ac9714ab82
NIDS: suricata, Severity: medium, Alert: ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/img/6031325395.jpg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/jpeg
Content-Length: 7961
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-1f19"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhH37lpP8%2FrfXly5pbPG6ZSP2rPtUNKO26rwnqXsgsueoVz9IrsPBNVp4%2FVlYHY9wZZdhWeCMBG%2BLNa%2BQOpH7AYG5Nem2gmxMI3K3Igv%2F4NBaWj8KX1VfCcOfTDqmwM5nuU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858d78ea0b3d-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/s3/cms/89/tb0/covidlogo150_true.svg
188.114.96.1 200 OK 15 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/s3/cms/89/tb0/covidlogo150_true.svg
IP 188.114.96.1:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (1810)
Hash MD5 6420274f9ea26a0b7da02d0f5e0b76ae
SHA-1 d92c72737147f9c159f6e3e6010f4e9e5665acf7
SHA-256 f09103fb1b22906b7f097f031b8c61c355de7cd971503fa317f66ee679a6e9ad
NIDS: suricata, Severity: medium, Alert: ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
NIDS: suricata, Severity: medium, Alert: ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/s3/cms/89/tb0/covidlogo150_true.svg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: W/"62bcb52e-b484"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iTzI2rR5qJftTguj4hbcRS52WDFjqMGwuc7cHjuYsak%2F%2Bi4iAD%2BRz%2B6xawwMobWdlo%2FZRPiQQjHRS50Gx4F68jtivdZo7g8DF1CJm0m0DnKff%2Fg%2F93TNhReA97SX%2B2Nzdw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858d88510b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/yandeks_stantsiya_alisa/s3/multimedia-k/wc1200/6022663964.jpg
188.114.96.1 200 OK 178 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/yandeks_stantsiya_alisa/s3/multimedia-k/wc1200/6022663964.jpg
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image
Size 178 kB (178396 bytes)
Hash MD5 f0474234f68bce664d11b53865898c79
SHA-1 5e155117b5a4c678db14e3d0f54f619046a2df2a
SHA-256 29d423a0a546df9c36b58589014bd2cbd57bd6055ab267b4167c3407fe760771
NIDS: suricata, Severity: medium, Alert: ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/yandeks_stantsiya_alisa/s3/multimedia-k/wc1200/6022663964.jpg HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:55 GMT
Content-Type: image/jpeg
Content-Length: 178396
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: "62bcb52e-2b8dc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsBg290uTzte652MrhGuxHlunzDEpzgku0WxvyUhjZ%2B79VpeR3%2Fr%2B8wUleiEJ6Ai5oT6H19zyAHrY5k6y2ItMxKfwzAhTmI2jOXIV%2BOBt%2BP80UojjkwbS2yfpWP4gVGBjLo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946858bedecb4fa-OSL
alt-svc: h2=":443"; ma=60
runsgravepov.ml/ru/ozon/favicon.ico
188.114.96.1 200 OK 3.0 kB URL HTTP/1.1 runsgravepov.ml/ru/ozon/favicon.ico
IP 188.114.96.1:0
File type MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
Hash MD5 e87aba8c35e41b83a681fad31ef7a118
SHA-1 ee187166878f1f8006a73a2932f11741c90f9de9
SHA-256 e82d91b3921fc3492d0057569615a89d8c836fe90d9d2cea9c6a34966194e0d0
NIDS: suricata, Severity: medium, Alert: ET INFO HTTP Request to a *.ml domain
GET /ru/ozon/favicon.ico HTTP/1.1
Host: runsgravepov.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://runsgravepov.ml/ru/ozon/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:32:56 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 20:25:18 GMT
ETag: W/"62bcb52e-80dc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdXpAdiZ7zFBJ8f%2Fvukd537qTDCemU%2B4VihQgXLTezdFCQU%2Fe6jO061UOxFI8iuVohBmAUBBaZsyNZ6BhAbgUzK35ThuvSWhzK%2BzrlBm%2FBXVeZViqpv%2Bq7p09SAesBEX%2FMI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794685904becb4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
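The transactions above carry more signal than the two Suricata rules report. Beyond the *.ml TLD and the "covid" string in one URI, two bodies are served under a Content-Type that contradicts their magic bytes (a RIFF/WebP image as image/jpeg, a WOFF2 font as text/html under a .woff2.html name), and every path sits under /ru/ozon/ on a host that has nothing to do with that brand. The following triage script is an added example written for this page, not code from the sandbox, from Suricata or from the Emerging Threats rules: it runs those checks over records constructed to mirror the captures above. The Txn record shape is hypothetical, the sample bodies contain only the leading magic bytes of each file type (not the real files), and the TLD, brand and keyword lists are assumptions chosen to match this capture.

```python
"""Triage of sandbox HTTP transaction records (added example, not part of the
original capture or of any IDS). Mirrors the checks a practitioner would run
over the runsgravepov.ml transactions above: suspicious TLD, brand name in the
path of an unrelated host, the hunting keyword, body magic vs. declared
Content-Type, and double file extensions such as .woff2.html."""
from dataclasses import dataclass
from typing import List, Optional

# Assumption: free TLDs that commodity IDS rules such as the
# "ET INFO HTTP Request to a *.ml domain" family key on.
SUSPICIOUS_TLDS = {"ml", "tk", "ga", "cf", "gq"}
# Assumption: brands whose name in a path on a foreign host is worth a look.
BRANDS = {"ozon"}
# Keyword the ET HUNTING "Possible COVID-19 URI" alert on this page keys on.
URI_KEYWORDS = {"covid"}

# Leading-byte signatures for the body types seen in the capture.
MAGIC = [
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"wOF2", "font/woff2"),
    (b"\x00\x00\x01\x00", "image/x-icon"),
    (b"<?xml", "image/svg+xml"),
    (b"<svg", "image/svg+xml"),
]
# Declared types that mean the same thing as a sniffed type.
ALIASES = {
    "image/vnd.microsoft.icon": "image/x-icon",
    "application/font-woff2": "font/woff2",
}


def sniff(body: bytes) -> Optional[str]:
    """Return the MIME type implied by the body's magic bytes, or None."""
    # WebP is a RIFF container: 'RIFF' <size> 'WEBP'.
    if body[:4] == b"RIFF" and body[8:12] == b"WEBP":
        return "image/webp"
    for sig, mime in MAGIC:
        if body.startswith(sig):
            return mime
    return None


@dataclass
class Txn:
    """Hypothetical record shape: one captured HTTP transaction."""
    host: str
    path: str
    content_type: str
    body: bytes  # only the leading bytes are needed for sniffing


def triage(t: Txn) -> List[str]:
    """Return the findings for one transaction, in a fixed order."""
    findings = []
    host, path = t.host.lower(), t.path.lower()
    tld = host.rsplit(".", 1)[-1]
    if tld in SUSPICIOUS_TLDS:
        findings.append(f"suspicious-tld:.{tld}")
    # Substring match is deliberately loose; tune BRANDS to the environment.
    for brand in sorted(BRANDS):
        if brand in path and brand not in host:
            findings.append(f"brand-in-path:{brand}")
    for kw in sorted(URI_KEYWORDS):
        if kw in path:
            findings.append(f"uri-keyword:{kw}")
    declared = t.content_type.split(";")[0].strip().lower()
    declared = ALIASES.get(declared, declared)
    actual = sniff(t.body)
    if actual is not None and actual != declared:
        findings.append(f"type-mismatch:declared={declared},magic={actual}")
    name = t.path.rsplit("/", 1)[-1]
    if name.count(".") >= 2:
        findings.append(f"double-extension:{name}")
    return findings


def triage_all(txns: List[Txn]) -> dict:
    """Map each path to its findings; paths with no findings are omitted."""
    return {t.path: f for t in txns if (f := triage(t))}


# Constructed sample records modelled on the transactions above. Bodies hold
# only the magic bytes each file type starts with; they are not the real files.
SAMPLE = [
    Txn("runsgravepov.ml", "/ru/ozon/img/6084980780.jpg", "image/jpeg",
        b"\xff\xd8\xff\xe0\x00\x10JFIF"),
    Txn("runsgravepov.ml",
        "/ru/ozon/xiaomi_redmi_Note_9/s3/multimedia-k/wc1200/6022663964.jpg",
        "image/jpeg", b"RIFF\x00\x00\x00\x00WEBPVP8 "),
    Txn("runsgravepov.ml",
        "/ru/ozon/css/css/fonts/GT-Eesti-Pro-Text-Book.woff2.html",
        "text/html", b"wOF2\x00\x01\x00\x00"),
    Txn("runsgravepov.ml", "/ru/ozon/s3/cms/89/tb0/covidlogo150_true.svg",
        "image/svg+xml", b'<svg xmlns="http://www.w3.org/2000/svg">'),
    Txn("runsgravepov.ml", "/ru/ozon/favicon.ico", "image/x-icon",
        b"\x00\x00\x01\x00\x04\x00"),
]

if __name__ == "__main__":
    for path, findings in triage_all(SAMPLE).items():
        print(path, "->", ", ".join(findings))
```

The type-mismatch check is the one worth keeping in a pipeline: a CDN passes whatever Content-Type the origin sets, so a font behind an .html name or a WebP labelled image/jpeg survives caching and most allow-lists, while the magic bytes do not change. The brand and keyword matches are hunting heuristics with an obvious false-positive rate and belong in a scoring step, not a block rule.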