zelenka.guru/market/44873032/
151.80.169.28 301 Moved Permanently 178 B URL HTTP/1.1 zelenka.guru/market/44873032/
IP 151.80.169.28:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Malware
GET /market/44873032/ HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 24 Dec 2022 15:46:37 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://zelenka.guru/market/44873032/
Strict-Transport-Security: max-age=15768000
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16115
Expires: Sat, 24 Dec 2022 20:15:12 GMT
Date: Sat, 24 Dec 2022 15:46:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad598540c6639aaaa344fb3ce4f3162f
b0b9f86d50de7dc23bdc7aee2f45d79a06165afc
4e9aaff330ce0c9c11f6bb8502fe21296b1845151bace75f73908a3194d5d0a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9AAFF330CE0C9C11F6BB8502FE21296B1845151BACE75F73908A3194D5D0A1"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5094
Expires: Sat, 24 Dec 2022 17:11:31 GMT
Date: Sat, 24 Dec 2022 15:46:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 24 Dec 2022 15:46:17 GMT
content-type: application/json
age: 20
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5046
Expires: Sat, 24 Dec 2022 17:10:43 GMT
Date: Sat, 24 Dec 2022 15:46:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: P+G2Vme+BFmBohq8TnafhzllCwVPLDXJrJqxEw655FdN1i6MqPTRF4+rqF1tqozILHxwdHebBwrwJlnxx+mQEw==
x-amz-request-id: Y3AXNJDS859YFAPH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Dec 2022 14:56:38 GMT
age: 2999
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 424b4cb5b236649997b688fa547f0701
d2fa0b128712db68f02002cad4a2898a6b2f86a7
49c45d88349675b1b256f5e9ff578088864a7a24fd768fcb17aeee5a2370ff98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C45D88349675B1B256F5E9FF578088864A7A24FD768FCB17AEEE5A2370FF98"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14580
Expires: Sat, 24 Dec 2022 19:49:37 GMT
Date: Sat, 24 Dec 2022 15:46:37 GMT
Connection: keep-alive
zelenka.guru/market/44873032/
151.80.169.28 200 OK 1.3 kB URL HTTP/2 zelenka.guru/market/44873032/
IP 151.80.169.28:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1173)
Hash 11f51c56c3612f17e37171df9a1d0bb4
1a1276ab5afe9c8ec65e08b6ac32f54ec30728ad
455797ce8cdc071ae6ec410e83ccb1615e8c46ed11ae8a945a0d3617b60a0f30
Analyzer Verdict Alert fortinet Malware
GET /market/44873032/ HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:37 GMT
content-type: text/html
content-length: 1347
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:37 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
zelenka.guru/aes.js
151.80.169.28 200 OK 26 kB IP 151.80.169.28:0
File type ASCII text, with very long lines (25638), with no line terminators
Hash 535ff81ab45764c67a7336a70ee7c7a6
c1cdb3fc5b8e033fbc2be2638b6189e9f3a4f669
991fa3ac0febff65dd238aa07315e6ccb792fb207828b371de8cb353bd4dd121
Analyzer Verdict Alert fortinet Malware
GET /aes.js HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:37 GMT
content-type: application/javascript
content-length: 25638
last-modified: Sun, 03 Jun 2018 20:00:00 GMT
etag: "5b1448c0-6426"
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/market/44873032/
151.80.169.28 200 OK 18 kB URL HTTP/2 zelenka.guru/market/44873032/
IP 151.80.169.28:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1553)
Hash 1e96359d4e80a20050e9c083399342f5
11f68c9222719fdc7c5cd8a50516e75e5465f424
a11a965274a64c01968682c6ab64d38f19e01d0ea37b5c23d85271c41c72c678
Analyzer Verdict Alert fortinet Malware
GET /market/44873032/ HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: text/html; charset=UTF-8
content-length: 18468
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, max-age=0
set-cookie: xf_market_items_viewed=44873032; expires=Sat, 31-Dec-2022 15:46:38 GMT; Max-Age=604800; path=/; secure
set-cookie: xf_session=351d38cf16c957aca252b16d8b14c18e; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
x-xss-protection: 1
last-modified: Sat, 24 Dec 2022 15:46:38 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
X-Firefox-Spdy: h2
zelenka.guru/js/lolzteam/errorHandler.js?_v=1dff4f8d
151.80.169.28 200 OK 1.2 kB URL HTTP/2 zelenka.guru/js/lolzteam/errorHandler.js?_v=1dff4f8d
IP 151.80.169.28:0
Hash 15b5173ad1ab6c8053a5c886e5f99b72
1d89619c6b28c943c63f9266d976826c59e51f69
4c9ac3fef5b0d9c7cf41cb4071e5f44da56b0b1e4bfdc05653f57803f0c56ad1
Analyzer Verdict Alert fortinet Malware
GET /js/lolzteam/errorHandler.js?_v=1dff4f8d HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: application/javascript
content-length: 1176
last-modified: Fri, 11 Nov 2022 11:35:26 GMT
vary: Accept-Encoding
etag: "636e337e-498"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/jquery@1.12.4/dist/jquery.min.js
151.101.129.229 200 OK 34 kB URL HTTP/2 cdn.jsdelivr.net/npm/jquery@1.12.4/dist/jquery.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (32077)
Hash a221862c4d6002be5ca064b8b94096c3
0041a30fae6c55b4e80052316ceb19d9763b6813
13ca5a43448c333329543216c3b77a494e6d6087cba3bc0a4007ada48f5fdd6a
GET /npm/jquery@1.12.4/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.12.4
x-jsd-version-type: version
etag: W/"17b8b-Wp3PvvZVomaOeLrr6qjcb0HY2rs"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Dec 2022 15:46:38 GMT
age: 22168936
x-served-by: cache-fra19160-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33793
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/home.svg
151.80.169.28 200 OK 749 B URL HTTP/2 zelenka.guru/styles/mm/home.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (645)
Hash 585a86a8595a730b074d80e4b6959447
671f74ba8ce90a6b64b6e294038d966711da8b23
e8e5becab46e87d05b0551d9da64f510416a31811483c47478ee10d6ab7b0bbe
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/home.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 749
last-modified: Mon, 05 Sep 2022 09:36:32 GMT
etag: "6315c320-2ed"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/paper.svg
151.80.169.28 200 OK 895 B URL HTTP/2 zelenka.guru/styles/mm/paper.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (336)
Hash 61772c52576c14fe293e82b271e2972f
a906379feb9106fa295ac0f7fa7eb3eb54dcdec9
777d52d10b4a8a981cc4ee43823500087dd0d2209e50514df3765d10d742a63d
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/paper.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 895
last-modified: Mon, 05 Sep 2022 09:36:32 GMT
etag: "6315c320-37f"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/buy.svg
151.80.169.28 200 OK 1.2 kB URL HTTP/2 zelenka.guru/styles/mm/buy.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (344)
Hash f796e797192932ea9d82c2682b7568ea
744929b0b0b84c321048eb3d24e114590c320d87
a29c241035d53a2b9fd702f0b06821c16f2324fd580726afa0d32b5fdcc5728b
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/buy.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 1223
last-modified: Mon, 05 Sep 2022 09:36:32 GMT
etag: "6315c320-4c7"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/shield.svg
151.80.169.28 200 OK 812 B URL HTTP/2 zelenka.guru/styles/mm/shield.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (565)
Hash ed4e97d8851b3beae7df510697a3eb80
22d2dbad5b9dafe90fc255e073c4800e616732b7
28bae4941d25a2b04e3c19d9da161c5b00355a141b1b554eb47ed98cf9db539a
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/shield.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 812
last-modified: Mon, 05 Sep 2022 09:36:32 GMT
etag: "6315c320-32c"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/send.svg
151.80.169.28 200 OK 432 B URL HTTP/2 zelenka.guru/styles/mm/send.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (328)
Hash 8650fbba5c447a5aba47e0a7ac057829
48e6e755dd71913a17496fe0ed9f909865f28d2d
f03f16eb1f8689b4a3094f18fc905982c32361d7fa67a9eb85b9493f87982a58
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/send.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 432
last-modified: Mon, 05 Sep 2022 09:36:33 GMT
etag: "6315c321-1b0"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/chat.svg
151.80.169.28 200 OK 1.4 kB URL HTTP/2 zelenka.guru/styles/mm/chat.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (686)
Hash a09482b9ec1e6bcec3cf0dc395ed2614
5358ea23c9902e1e65ed0eeb571df2787bea3788
9d07bff0ec207cf8097ab26b4599c29e219ddd058db3ce5d7ea7b640618f3fd2
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/chat.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 1354
last-modified: Mon, 05 Sep 2022 09:36:33 GMT
etag: "6315c321-54a"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/voice.svg
151.80.169.28 200 OK 800 B URL HTTP/2 zelenka.guru/styles/mm/voice.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (369)
Hash 041c7deb4c221f1e51c9d6c66d588644
1298441e2319e8461d4a1698315444dc445eb242
5977716623714f02150a5f7c31f89c304265a8d5782b17e47a027c3d9001ad3f
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/voice.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 800
last-modified: Mon, 05 Sep 2022 09:36:33 GMT
etag: "6315c321-320"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/danger.svg
151.80.169.28 200 OK 902 B URL HTTP/2 zelenka.guru/styles/mm/danger.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (433)
Hash a65e41a7b6ccaf049e2e775326e74a0c
30aaaca66bd18539ccccd56dc6d328651575a9e7
28d452a1efbf6d513a7d02dbca936882a3bf9552211f75087274056e3fdbaec4
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/danger.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 902
last-modified: Mon, 05 Sep 2022 09:36:33 GMT
etag: "6315c321-386"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/circle.svg
151.80.169.28 200 OK 683 B URL HTTP/2 zelenka.guru/styles/mm/circle.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (339)
Hash 36c0971d9e77fc848b80f385242146a0
3ca04689f81ff0a21e81887bd9f32e8449b56378
8e4962642b4d7110d15d68553aaa0ddfc5dcaab5d4f4293d6cebb8705d74d844
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/circle.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 683
last-modified: Mon, 05 Sep 2022 09:36:32 GMT
etag: "6315c320-2ab"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/square.svg
151.80.169.28 200 OK 719 B URL HTTP/2 zelenka.guru/styles/mm/square.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (376)
Hash 702eb53194b95a6318f0e8e9295c80cd
7330f4aa9b442db95d9bd85040e8e12bff079ef5
587e1039cd67e4f2a95a1614adc096941f2a29a047eb89d3dd6b9e4c166ff405
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/square.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 719
last-modified: Mon, 05 Sep 2022 09:36:33 GMT
etag: "6315c321-2cf"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/graph.svg
151.80.169.28 200 OK 1.3 kB URL HTTP/2 zelenka.guru/styles/mm/graph.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (706)
Hash 865dc809dcb9f8fb94ca0dcae0a42d4d
bb482b7749efd9b1ed5b3881c335e689673fcc33
f362004a918d1c5d3405664a47c827b4696d599351ea28d969d6839ecc13767c
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/graph.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 1306
last-modified: Mon, 05 Sep 2022 09:36:33 GMT
etag: "6315c321-51a"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/language.svg?1
151.80.169.28 200 OK 1.2 kB URL HTTP/2 zelenka.guru/styles/mm/language.svg?1
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1093)
Hash 47689d5587cfdc167eb024b2a1c76735
0ade34df01ae54d32cd147a0627672822e20eb04
2dcce233f1cf1f6c7988302fc2bc49b4a5704bc043bdf3b5ec25f43f7b17534b
GET /styles/mm/language.svg?1 HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 1228
last-modified: Mon, 05 Sep 2022 09:57:35 GMT
etag: "6315c80f-4cc"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 305e61785b6a439d62cc6d1eb782acf0
51c1e3e213b20326f9b0a6089a07d64559945d85
b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zelenka.guru/data/avatars/l/4496/4496921.jpg?1631686659
151.80.169.28 200 OK 539 B URL HTTP/2 zelenka.guru/data/avatars/l/4496/4496921.jpg?1631686659
IP 151.80.169.28:0
File type PNG image data, 50 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash 119651ee74e6314856169b04debe1b33
215eea1a77fa0a221f602be5d8bf25693e021c8c
6b7620f521b8d35a2c9370ca9985f3166a6745c0ffa3cab37c4874ab7540eea8
GET /data/avatars/l/4496/4496921.jpg?1631686659 HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/jpeg
content-length: 539
last-modified: Wed, 15 Sep 2021 06:17:39 GMT
etag: "61419003-21b"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/css.php?css=xenforo,form,public&style=9&dir=LTR&d=1671889473
151.80.169.28 200 OK 94 kB URL HTTP/2 zelenka.guru/css.php?css=xenforo,form,public&style=9&dir=LTR&d=1671889473
IP 151.80.169.28:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4153a63f4c68545feae0d1ae4fb2769b
2a31bfee4942ca1b2144c60be21c30d382f617ed
09fa4d244b9f5cf21f206ad1fc97a2c888dc46c1021de4b42d8d950544a119c5
GET /css.php?css=xenforo,form,public&style=9&dir=LTR&d=1671889473 HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: text/css; charset=utf-8
content-length: 94208
expires: Sat, 31 Dec 2022 15:46:38 GMT
last-modified: Sat, 24 Dec 2022 13:44:33 GMT
cache-control: max-age=604800
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 9b43aeae46cba481cf8524a080160cba
28507d767f97c4da86dfd6713ddc27e132c85316
fdc1665571de10005428c2641a52dc4ac98823898744fd0da016698d5709b917
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 15:46:38 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FF81403E5CE730C8CEDF89126AB80B20126CA782"
Expires: Sun, 25 Dec 2022 02:00:00 GMT
Last-Modified: Sat, 24 Dec 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2900
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ea788d8d930b06-OSL
zelenka.guru/css.php?css=market,market_item_view_parsed_info_supercell,mmenu_all,notices&style=9&dir=LTR&d=1671889473
151.80.169.28 200 OK 130 kB URL HTTP/2 zelenka.guru/css.php?css=market,market_item_view_parsed_info_supercell,mmenu_all,notices&style=9&dir=LTR&d=1671889473
IP 151.80.169.28:0
File type assembler source, ASCII text, with very long lines (35410)
Size 130 kB (129654 bytes)
Hash 00bd25ec5688a34ff97928711aa02cc3
4a7b119a5269d8e71b2c29184274a9c09ba0cb5b
671d41d413ec89ee49fc2117733a5da067fbed72e2e0da274f78e9b783aa1e5e
GET /css.php?css=market,market_item_view_parsed_info_supercell,mmenu_all,notices&style=9&dir=LTR&d=1671889473 HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: text/css; charset=utf-8
content-length: 129654
expires: Sat, 31 Dec 2022 15:46:38 GMT
last-modified: Sat, 24 Dec 2022 13:44:33 GMT
cache-control: max-age=604800
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-J7RS527GFK
142.250.74.168 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-J7RS527GFK
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash ef202c3143b47f9bbafc55e5cf5963ef
d2caa781890717a0546721b2d40157658476d009
91c443ac5556a3db26982d619de67d4d2e94e6a1c9aae9dbdb32619b989c7dad
GET /gtag/js?id=G-J7RS527GFK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Dec 2022 15:46:38 GMT
expires: Sat, 24 Dec 2022 15:46:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 305e61785b6a439d62cc6d1eb782acf0
51c1e3e213b20326f9b0a6089a07d64559945d85
b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 24 Dec 2022 15:08:04 GMT
age: 2314
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 40cb2a3391367c97ea650ba8ab20aea9
0f61b65bd5e0186e70675dd4f3e24644462f0290
cc876bd035179dc9335f95e988ff1926babff5df52f16e890d7faaaa4b884009
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1877
Cache-Control: max-age=108183
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Etag: "63a61b20-118"
Expires: Sun, 25 Dec 2022 21:49:41 GMT
Last-Modified: Fri, 23 Dec 2022 21:18:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
media.brawltime.ninja/gadgets/23000246.png?size=160
172.67.142.215 200 OK 17 kB URL HTTP/2 media.brawltime.ninja/gadgets/23000246.png?size=160
IP 172.67.142.215:0
File type PNG image data, 160 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash c9e19f3d3c2d155ddf41fbef75b748d2
ef688892a27320e0327e26e7fe5c5d3ba1ce64ff
9bd58cfbb2d682d247479cbc55b17208252b36ae47a93163fc0d304ca0d0ac08
GET /gadgets/23000246.png?size=160 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/png
content-length: 17260
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:59:36 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6403
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdMhoJSIfpQRsViwsv8by1ZRurBHGyKSLF1QkTNKjT9lgS8jOFiOrbLUErsrOAcP6JXKheNijXAcIHLgYvxWzSCaJ83IPCjdsoeFhXg8fJkf9%2FS5AW0JFBcEJgRwjQ%2FyfIMpiF3%2FHqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb170b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/rosa/model.webp?size=100
172.67.142.215 200 OK 6.9 kB URL HTTP/2 media.brawltime.ninja/brawlers/rosa/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 301fca9b64f1d56a0a62b038356c9e9b
9374129986eed23e6db591fb4bf01f751b7641d0
a07cfc792e4ae7916fed98c16c24b9771fba84f7d03272f1152db18e984c6909
GET /brawlers/rosa/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 6926
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:59:28 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 1722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FNAfAsCPooGjQDbwa9lvSEv17tv2erQLPgNz7412cXiAAuL6SeEXLUQucZSNMWKeE%2B6%2FYqLjqka2W2BpIjyLmcu5K8XzfZHqeC7XTiubBmQKSJIuJ62CGyIaB7jKikPqEG2%2BzClZ5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb1b0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/barley/model.webp?size=100
172.67.142.215 200 OK 6.4 kB URL HTTP/2 media.brawltime.ninja/brawlers/barley/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fa2ec1e846d708f67e08cd1611db9431
09c7139a38d4bcde45e1402e7673291d5fe4ac33
d3a26561ec2f252934528f35401ffa55c7eb014c37daffbbe88f79c05cb8cff2
GET /brawlers/barley/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 6386
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:59:19 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 1722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kh5jHcs2W2XGD9H5MjiOhafLAoF%2ByvQTsiFZUggoWkMKARIh7ZSDByGEv%2FW3CNE%2Fww5GWvJRnhPp05omnMiAOT1k3vEsI0w%2FmFN%2BKudFjmDJ3gpTTCPmgfXlI%2FEA8aJlXuA9fSYOhrQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb1c0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/nita/model.webp?size=100
172.67.142.215 200 OK 6.0 kB URL HTTP/2 media.brawltime.ninja/brawlers/nita/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1bb4c31dfd53097c3d9476a3fd12ab94
7488cd382baa03c3d0a2d1f18cfcf82670c30463
bee308ccfb38f0daed429f75a8d4b1a2c9b78ebeda677d6e2b535d1a1a7eda88
GET /brawlers/nita/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 6024
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:52:34 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 1722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nr%2FqMOw4TZjlLDOffQz%2BA6hiIOBTTdCOdGq7arisT9L2nmPNbmm1yXZYypI43HhWP%2Bf0YkORDWmjj544y170iBXIjybFs82Hy%2BIB7bLBStrl3YkBXXDq7cw4ajxFCNoCvOrVvJZznk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb1a0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/brock/model.webp?size=100
172.67.142.215 200 OK 4.8 kB URL HTTP/2 media.brawltime.ninja/brawlers/brock/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 380a8a6139e1ac4d10be3460f9abe2c3
e12462d006cb5f2e4280c42b07102addef77d803
58bf1204a91175e428446e63aabb911fc2b58ea28125dd3c5f34ec539c05e2b2
GET /brawlers/brock/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 4788
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:53:02 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6402
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceCGizcQ7RRQszKoGXhaDoTFOQyr%2FvGQN%2FOvhL48HJosB6%2Fr7AV0F66xJ%2Bf0CUzzbypYybIrXSgln%2BCfOx1TH4lL11xh317kNUABdvuZxHfKZEQR8xYplGEtkPw7hmhQarVWzxZR9b8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb1d0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/shelly/model.webp?size=100
172.67.142.215 200 OK 8.2 kB URL HTTP/2 media.brawltime.ninja/brawlers/shelly/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a99bbb6a19ea82912f0367356567432d
9dad95b1f29fb36c76727b50e4439954067646de
d2c31c747b58316d8c7c91090fa0163522c2379f89c8e2f53c18247a8a6a503f
GET /brawlers/shelly/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 8170
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:58:42 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 1722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4XHhnNbBdLYS2Z8ozJPzVVwdqerYpd0L3FKkUZ66fOa%2BEliI1AK7zeeh4cmtuuXTAuxhDXRXONyvIgF8rkNHnrBWCBsQvj4naabFrOcvM1hpTx65Df203QdKVIfxz47NVx7Rr0mqoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb1f0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/gene/model.webp?size=100
172.67.142.215 200 OK 5.3 kB URL HTTP/2 media.brawltime.ninja/brawlers/gene/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 290dd235468d0c09b7221d134d596dcd
00fe1eec371e5935583193c436fea0231050ca3c
a2754b7b91aa3bffaa43244bce619ca07eb0775c1c96c8ba94aa65b550e2ddec
GET /brawlers/gene/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 5348
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:54:52 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 1722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WpuSTTmaUXvLx2QT9o40vctm%2FSCgdkfkWiDw8Docn9gieHa734y%2Bb0docU8njoLTcH1mM%2FgM34g6Q0YPRC7PI2ClSqy87nCfv8idSdSCB3tRxKYkXJDPrUVWjD8rfyC9OxBy4Velqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb220b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/gadgets/23000255.png?size=160
172.67.142.215 200 OK 17 kB URL HTTP/2 media.brawltime.ninja/gadgets/23000255.png?size=160
IP 172.67.142.215:0
File type PNG image data, 160 x 169, 8-bit/color RGBA, non-interlaced\012- data
Hash be60be9a25f1f94dc872d2fd6f886d92
f08eb8bd046554d0df54d9d4c244a0a572e86cd0
7ba01e235948d61a77eb2340c4223a20499f8b6ef2de3ecd986b44a66ed69826
GET /gadgets/23000255.png?size=160 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/png
content-length: 16980
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:59:37 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 1722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAPJSub3S9DrHCwN43O5%2BwZpJo51amFD4sYAOAT5kmAZ%2FISDVzxfjHU7hPfp%2BMEbIgjR1XEPEotgEQlRvFvNYDqJ9rCUrGGrxGbjTwUbv1Iud5VbC0x7E0EnSwOJBjJumZrUiPXv%2BqI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb200b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/bull/model.webp?size=100
172.67.142.215 200 OK 5.1 kB URL HTTP/2 media.brawltime.ninja/brawlers/bull/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f2c97b842925d548ecdb9198d0e2661c
c679e04f7a953745e1d2de88c54de3e06671cd1a
b4872b64a582534cd15882e51a6e6d1a6f457e860631202fc5711e8d5dab0850
GET /brawlers/bull/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 5136
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:52:50 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6403
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tS6X%2F%2FpBBWYAie0T%2FmY112B28fyFNTCMGtSUvMkG%2BdbBokDbZgFAEFW%2FgDwDzwDcYmFZblj%2FyI3DIaKZe0ZS2gYVkrIFSm2ffFo5H9mSBwG2D5yyx2%2BsU%2FhY7L5uqQS56cyblUKrAWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb1e0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/el_primo/model.webp?size=100
172.67.142.215 200 OK 5.6 kB URL HTTP/2 media.brawltime.ninja/brawlers/el_primo/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fe07a8b7699bf6ee5f8e6c5cf780920c
11797cb62f306b0982b07927e97205b52e615ae5
92ee2c7542ee6f096dfd29b095555372671382ff86f2d5bd77366923b637a823
GET /brawlers/el_primo/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 5558
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:56:58 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 1722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKI6GieQJCjudLR4IryN3VZojs4T5uVicydg7SlUFcJCTPhIW7sbaAAQWkkUVNO8CZmqclM8ZlOrbksJrtdA3A5Mg2KeEmjAUQePXwp1GiiQjU5dI3q2WACUN5KxUzKxECYZ%2Fw%2F2i2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb180b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/gadgets/23000266.png?size=160
172.67.142.215 200 OK 19 kB URL HTTP/2 media.brawltime.ninja/gadgets/23000266.png?size=160
IP 172.67.142.215:0
File type PNG image data, 160 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ad141e1c907df30ab7a0e232684feaa
40f50156af524a46a6896f79b08efac1ae50355a
6a66137ea91febd9aa4c922592971a08ee7807256d136a0b54a84c111ac15e45
GET /gadgets/23000266.png?size=160 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/png
content-length: 18744
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:59:40 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 1722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Cn8u7iH8lNl0Dw4ArUjK30nSnVJlDeTq0aFmWnxb3xLhfmpi%2BgSX%2FwWeET9IISAKm2HzVTY32OXJQTNcO4ifBLX%2F87iBTUdPrFKvd6wr4rF9Q4hv3EZFXXcb%2FP%2FCHxtRttkewjuqnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb260b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/max/model.webp?size=100
172.67.142.215 200 OK 8.1 kB URL HTTP/2 media.brawltime.ninja/brawlers/max/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0fa0e4829f865ff9aa9ab3976407fe62
0449b343c8ee7cbd6ef612c4c831ab7862bcd1c5
51bf92fd5dbef8c5c847c4cbdb2e321a03f27575a51e21b57eba5223d279aca0
GET /brawlers/max/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 8092
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:55:00 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6410
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqKkxt1GeMmwrZfM%2FzuGGrTTBv0b4a4NYfD3k1F9QWoWmbUUwe3Vs76qMoH81d3XAyK5QAOeJN2trqh5Q5yKiwNqEoiUCYVopStzSY9LZZ3m2OcCHp9JZwZxNCxrdMsiNTMtAG9flSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb210b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/pam/model.webp?size=100
172.67.142.215 200 OK 5.5 kB URL HTTP/2 media.brawltime.ninja/brawlers/pam/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c0f15fe18939517b3cfd6f0cbd5573e9
7cd679ab8b6be5f971887e7acf96f36dfa332205
0aba2f814a8ef8f91b7e4746fca72aac34c5278c972aa87030dc524c8b1761db
GET /brawlers/pam/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 5488
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:54:40 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6406
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lj1p0VxK91Irdf%2FZYNbY5egSH0E1qEsJszWIBQPhUERcrMer%2F0o2mL9LGpNV6NP1BMDnksUYPA8xz0ixqGcxmzs7QeeBqAADwT3%2BwhSNo6%2BmIr%2B03PJM01xICSpDRZVAsBaCIypNyMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb230b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/bibi/model.webp?size=100
172.67.142.215 200 OK 6.0 kB URL HTTP/2 media.brawltime.ninja/brawlers/bibi/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fa1e884561600c68db1e446c25b21e8a
baf266c39646f1e05073015842ffec16cd2cc1b5
2df2f13ce33fde9272f240ed969e245896c128f3d8c5b920897d6639f2957ea8
GET /brawlers/bibi/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 5972
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:57:47 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6407
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FI4Ky9zLSbZIWuOz8SsnEMJEjGp%2BWcf8tii016HRozsTG3RPKs4jEim%2FucyN0F63qcv4CS5TpJeU0htDy%2FbUy2CtpLF5UZ%2B82PypxzeymQFgE2L8j4hkwdmVwFFiHQZtH20RuFUNb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb270b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/bea/model.webp?size=100
172.67.142.215 200 OK 7.0 kB URL HTTP/2 media.brawltime.ninja/brawlers/bea/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c5eef637adc5c8777718c562f13bbc7a
de41a8e453b1b26f9ee23de427594e4e579c719a
a5dc5c0ffbd346277e6dbb6d7b3c821fd3bb4b09e112f9d79300b9ab3c3b1690
GET /brawlers/bea/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 6970
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:57:28 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 21138
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6et5KPjrcF4cONDkx2oCjHq0anu6O4f6voUoOsam8kn9SV9boIWc%2F%2BRAwvxx9UuTGvDyiI1iq2ah%2Bw3TyHs%2FIEUbY29kj1ZR9X9IjzbVeA827Jj1rqr%2BjKklYb%2F2RzGojc6Meb7YLw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb240b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/frank/model.webp?size=100
172.67.142.215 200 OK 4.9 kB URL HTTP/2 media.brawltime.ninja/brawlers/frank/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e94792245397a27094bc79ee8e6a83b3
6ba00c2dc4eda327c2cbbffd6ee0a5cf21040459
885850c74d04e3940912a3b79421013ec8fec972d7821362bd6501349373d3f4
GET /brawlers/frank/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 4910
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:54:46 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6406
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syhKbZcfdcrB8tx8wUPqUDPuh4%2FAe6dLeL5eZXfQ2ljXVpN6ZHfFPnZS8xh2K2cTQMCnAjJl8kBdAZbdK2aws7YwRZBLvvrtYmZWYvBxNWgWHG4maCFtNcooeHA%2BGGrawIyqKctosNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb290b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/tara/model.webp?size=100
172.67.142.215 200 OK 7.8 kB URL HTTP/2 media.brawltime.ninja/brawlers/tara/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 97acd450d5fec70050037ee854483de8
102eed5cc76b4ef1d4559a353603f24afd01d897
4bf150b869c9f4c105728d4e4ee297f676154253508930b897dc7e44e526e80c
GET /brawlers/tara/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 7814
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:58:25 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6410
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fObLbyMwjKhHYJc2VAdBjfNwWNJHcsI9eTc3lq0Y4WI2izFD2nSmV7jts5jFsX6bcNXz7ta39Wa9lOOU5Kkiac4RTZ2SCMaPa0QIDLUOpnDZWLODphFRzmzn9uMHuudAlfyDK1e2UuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb250b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/bo/model.webp?size=100
172.67.142.215 200 OK 5.1 kB URL HTTP/2 media.brawltime.ninja/brawlers/bo/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 704cba7a3ac61fc98ce75bbd6a01efa6
ebfa683a1ea77d18a53dd1b5439d90f7c6ac749a
3ff8d466544af4e926e0fd0dda2d73831590a2ceb36c45d2a3afdaa9ed6fb60f
GET /brawlers/bo/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 5136
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:56:24 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6407
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlXe7G1FQq%2FwAM%2BPXVAbWTOESy3h19EwQJHEAvXXwD6otrLhOJBSNqZ2P3eIbPrRe%2BE%2B86qbIYO116UAhQ0JH0yIkp%2FrL1u10djG50qY%2BkVJ0xJ4zvtvk9NaK9GIKpqtsUl2JdHd63E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb2a0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/piper/model.webp?size=100
172.67.142.215 200 OK 6.2 kB URL HTTP/2 media.brawltime.ninja/brawlers/piper/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f89e67bb6cf5fa92b008681aea2c46da
d43061c58bbfe68b21af707bf2e004090fe87f70
b11e814e3e35d5300e67847bdff6f5702791fe4bbdb3d6d5485ec0938a539a71
GET /brawlers/piper/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 6220
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:55:41 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6407
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChstHidIG5GKA5mDgQlmQMnVPoOxZwNJ99%2By8t%2FkFO4OwZppvcl4RQI%2Fn2k9lhXpBW2eUJMUdU5Ct%2FvE2dMuDGvrNcyJGXpumbblh4gfSSytfuByYi%2BpVxapqhZvJp42vYgXHi%2B9Wa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb2c0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/tick/model.webp?size=100
172.67.142.215 200 OK 3.5 kB URL HTTP/2 media.brawltime.ninja/brawlers/tick/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 310e3bab418536440767a0d4292ecc52
bce80a22642d972d9a3689598baff2ca1f6ad071
6568de349f67d01ec2e293811e5c85783c1094b1267525a0766330d6b35ea0e1
GET /brawlers/tick/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 3482
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:59:34 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91CFZfeSY4q6ldxee6FYuQq2grTjNE06sqUBI3HDUyCdWVGauAGuTagvJ%2BSONXwLsOMJsVoNBuYX2AASnfPj35s7j6qo64yCi%2BjSAMSiJAVM2K%2Fe3F9TKwuv%2Bf10%2FmcahWMFfEtI%2Fb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788edb330b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/carl/model.webp?size=100
172.67.142.215 200 OK 5.6 kB URL HTTP/2 media.brawltime.ninja/brawlers/carl/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 01a2f84f71cbf40f208166f69f2ca56e
a746f8cd314a6049f1db513cec06ce534c2793a1
dae8403aa2abb7693ab279610cdfa353838ad4c42172649d69221f872ad57912
GET /brawlers/carl/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 5610
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:53:10 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVyL1RvNa8qaCjdssSzNOXuaT%2Bth9OOLPIfP2Os41QrqOj%2B%2F%2F%2B1%2BDWhv4dZN%2BitCGlB9nguldyPbN%2BfFVzZWNL7%2BDl8%2Bq4sk7W3Fh%2FmBp%2BBDG4zi22euBnagz13oKsK17ofjGPV1SWU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788edb310b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/darryl/model.webp?size=100
172.67.142.215 200 OK 4.1 kB URL HTTP/2 media.brawltime.ninja/brawlers/darryl/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7304536723b3a2e066c6e3c85ef7b33c
efd311db73251bda526ab61518980401a203b574
0c9ee79e1097b6dfcbcad942a8621b3a34ce5610793d6747de002eb19d132ef7
GET /brawlers/darryl/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 4062
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:53:26 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6406
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDRyw7NqvzLWIUxjCeZQujbAe3Oys0Tw9EuQIuwFP2bZz4RDVwGHBrfbu3aF7sNKFCiEDFguLWJ461V2NuAu%2BjI97fj2E067BGzsqHxCmv3j4TCpaoNXvsSlNK2h8CRNOONm5S%2FNXmk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788edb360b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d7938ab2263405a708c44813f3e16cb8
3ba9f4363ecc2834ea1211f761ce2d04e0077ab3
8a8ef4218bcd8ecb1f12ecdb74f3f453a7093be8dd3c233615577dcc9b40fa92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2607
Cache-Control: max-age=151418
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Etag: "63a6c129-1d7"
Expires: Mon, 26 Dec 2022 09:50:16 GMT
Last-Modified: Sat, 24 Dec 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 40cb2a3391367c97ea650ba8ab20aea9
0f61b65bd5e0186e70675dd4f3e24644462f0290
cc876bd035179dc9335f95e988ff1926babff5df52f16e890d7faaaa4b884009
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106306
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Etag: "63a61b20-118"
Expires: Sun, 25 Dec 2022 21:18:24 GMT
Last-Modified: Fri, 23 Dec 2022 21:18:24 GMT
Server: nginx
Content-Length: 280
media.brawltime.ninja/brawlers/8-bit/model.webp?size=100
172.67.142.215 200 OK 4.2 kB URL HTTP/2 media.brawltime.ninja/brawlers/8-bit/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cd5e1c8745f2ca4dec87deee19a5a9dc
730d571e02c905df6328d21305c2777ec07eba93
7cb6973ffdd74f4ad61ce24dc84aee84aa13ca4376a906ae204ddf12461eb672
GET /brawlers/8-bit/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 4230
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:55:20 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrypWkZGnvxEezC4uswMrp%2B0j7M9LfiyNs6I0Ixi3wvLazNYto09DTt536t%2F%2F41Buh2ntzhXaOUCxUo5%2FxqJFMCmOhxAfIt774VXpZXzxPRIhTA10FIiFTJMAeNCYbYpSZ2v6SoI8A4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788ecb2e0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/jacky/model.webp?size=100
172.67.142.215 200 OK 6.9 kB URL HTTP/2 media.brawltime.ninja/brawlers/jacky/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 37bc5f7b63d7f1b14f4fa325c4f77c70
b358a82848b1c0980b3c384578102d8756cd904d
ad426cf026a23942ddd4f1707ca155aada3af8d556ac4b0c9a65234ed38ae83b
GET /brawlers/jacky/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 6926
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:59:10 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6403
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwsC4XCCl1mQ34nRRKv178wgmlVSg27TDnLZwrg6UmVahka5HWv68c7eGF3%2FTMlBwnj%2FZwRoKm%2FIiaGCchqU%2BhPIoRvvK30%2FC29UYEdA%2BMuZ9A0H9ahrsYs1AKAEa8QLtjGNA69g9tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788edb370b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/colt/model.webp?size=100
172.67.142.215 200 OK 7.2 kB URL HTTP/2 media.brawltime.ninja/brawlers/colt/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b6c91fd8f63fa83465c346198bb00917
3516daf26c26b044caedcd1ff1c1f54162f7b438
7f6b1aa9c47c1306ca2e42336dec541aa67b931d358db111eade534218aeb1b1
GET /brawlers/colt/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 7156
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:52:06 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6402
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=178wjGs%2F0YVWFRw%2BkhakIfuHINw1lgN6t46kfwLj2BGF1weu6hnlaKas554BL%2FDkEM8gmvSdmiAG0RKe6IbbyHwgQ6WOLT3Gu7gcGoj6GCs2w1St%2BGDiZck9eQ%2F6rlidr0SXJknQVJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788edb390b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/penny/model.webp?size=100
172.67.142.215 200 OK 7.3 kB URL HTTP/2 media.brawltime.ninja/brawlers/penny/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 20c0ec63a4085c6f0f244063820ffc56
7cfa658f1e8e3d1fdb6db9c5c8ed35e49e40705b
bd755996f22e3f938cac29f026f76fee00092072c73ad3f05359d16afe8e1d6e
GET /brawlers/penny/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 7310
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:58:00 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6405
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ry4tsIbWImHotWvsriJV%2BhtBYelCNGWIm%2B5N9EQV7fpupVAYQDqvIyH0GyI1ms342VtV2YX5fSqI7lldSch2dReqoB2KL1cNOshXT%2BU6FmziAQ6uJy1KQOVMhtXDxSwEStW2R1GL%2F9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788edb350b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.brawltime.ninja/brawlers/jessie/model.webp?size=100
172.67.142.215 200 OK 5.2 kB URL HTTP/2 media.brawltime.ninja/brawlers/jessie/model.webp?size=100
IP 172.67.142.215:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c79b243a580f1a28f97894def35eb163
2805ed3c0ba3f8b4ce8aff03e1423008edfb08d6
16313dedc856edb3f16cc22fcb28263e7215438b4de874ea5c66de9486ea3db2
GET /brawlers/jessie/model.webp?size=100 HTTP/1.1
Host: media.brawltime.ninja
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/webp
content-length: 5242
cache-control: public, max-age=86400
last-modified: Mon, 19 Dec 2022 09:55:36 GMT
vary: Origin, Accept-Encoding
x-proxy-cache: HIT
cf-cache-status: HIT
age: 6405
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3qZpxDnuOj2KWzY7JDUZbTtX52f46xEjc%2BkvsapqmGfUpRYtfALJKX7l78lVo7o3Ot6TLMO5Lpiv0cKhG4TtONWxRwztPyTBUwgTHuzILlzP9PQbqZA5ewgy2bVr3dUG%2FllSrpUris%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ea788f0b4e0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 40cb2a3391367c97ea650ba8ab20aea9
0f61b65bd5e0186e70675dd4f3e24644462f0290
cc876bd035179dc9335f95e988ff1926babff5df52f16e890d7faaaa4b884009
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1877
Cache-Control: max-age=108183
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Etag: "63a61b20-118"
Expires: Sun, 25 Dec 2022 21:49:41 GMT
Last-Modified: Fri, 23 Dec 2022 21:18:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
zelenka.guru/public/cd-top-arrow.svg
151.80.169.28 200 OK 555 B URL HTTP/2 zelenka.guru/public/cd-top-arrow.svg
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash c2bab96d57583d68d57a99dc04f16482
17f5b39cdf2f8cd02d5f3ff422372dcefd1bea53
d94bbee4b8120bf8e4937e3e9c54de44bdb866291db81088601bde90085092da
Analyzer Verdict Alert fortinet Malware
GET /public/cd-top-arrow.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/css.php?css=xenforo,form,public&style=9&dir=LTR&d=1671889473
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 555
last-modified: Mon, 23 May 2022 09:33:53 GMT
etag: "628b5501-22b"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9527d889a5b94c28b4dcd8809ffba513
b2ee81348df6ebc3f72fcd64b7767df0a1903fb5
9d3cfbc6c96f2da85420d44bdd58f8e860487d3cbf1ffda4d21477b566f23059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9527d889a5b94c28b4dcd8809ffba513
b2ee81348df6ebc3f72fcd64b7767df0a1903fb5
9d3cfbc6c96f2da85420d44bdd58f8e860487d3cbf1ffda4d21477b566f23059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zelenka.guru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Dec 2022 18:52:41 GMT
expires: Tue, 19 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 420837
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
216.58.207.227 200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26240, version 1.0\012- data
Hash 4a90976686fcbd8296c7d7fccc04c273
bcb82e93ac7ad1fa2af6a37009a200f79f4cb4e5
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zelenka.guru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Dec 2022 18:56:02 GMT
expires: Tue, 19 Dec 2023 18:56:02 GMT
cache-control: public, max-age=31536000
age: 420636
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zelenka.guru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:13 GMT
expires: Sat, 23 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 94405
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zelenka.guru/styles/font/fa/fa-solid-900.woff2?_v=5.15.3
151.80.169.28 200 OK 137 kB URL HTTP/2 zelenka.guru/styles/font/fa/fa-solid-900.woff2?_v=5.15.3
IP 151.80.169.28:0
File type Web Open Font Format (Version 2), TrueType, length 136824, version 331.-31261\012- data
Size 137 kB (136824 bytes)
Hash 978b27ec5d8b81d2b15aa28aaaae1fcb
76625967fe113a088e0627605b9d1bbfb8a5e47c
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
Analyzer Verdict Alert fortinet Malware
GET /styles/font/fa/fa-solid-900.woff2?_v=5.15.3 HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zelenka.guru/css.php?css=xenforo,form,public&style=9&dir=LTR&d=1671889473
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: font/woff2
content-length: 136824
last-modified: Mon, 23 May 2022 09:33:53 GMT
etag: "628b5501-21678"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
X-Firefox-Spdy: h2
zelenka.guru/styles/font/fa/fa-regular-400.woff2?_v=5.15.3
151.80.169.28 200 OK 169 kB URL HTTP/2 zelenka.guru/styles/font/fa/fa-regular-400.woff2?_v=5.15.3
IP 151.80.169.28:0
File type Web Open Font Format (Version 2), TrueType, length 168768, version 331.-31261\012- data
Size 169 kB (168768 bytes)
Hash d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
Analyzer Verdict Alert fortinet Malware
GET /styles/font/fa/fa-regular-400.woff2?_v=5.15.3 HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zelenka.guru/css.php?css=xenforo,form,public&style=9&dir=LTR&d=1671889473
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: font/woff2
content-length: 168768
last-modified: Mon, 23 May 2022 09:33:53 GMT
etag: "628b5501-29340"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 40cb2a3391367c97ea650ba8ab20aea9
0f61b65bd5e0186e70675dd4f3e24644462f0290
cc876bd035179dc9335f95e988ff1926babff5df52f16e890d7faaaa4b884009
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Etag: "63a61b20-118"
Server: ECS (amb/6BC3)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 40cb2a3391367c97ea650ba8ab20aea9
0f61b65bd5e0186e70675dd4f3e24644462f0290
cc876bd035179dc9335f95e988ff1926babff5df52f16e890d7faaaa4b884009
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106306
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Etag: "63a61b20-118"
Expires: Sun, 25 Dec 2022 21:18:24 GMT
Last-Modified: Fri, 23 Dec 2022 21:18:24 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 40cb2a3391367c97ea650ba8ab20aea9
0f61b65bd5e0186e70675dd4f3e24644462f0290
cc876bd035179dc9335f95e988ff1926babff5df52f16e890d7faaaa4b884009
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 15:46:38 GMT
Etag: "63a61b20-118"
Server: ECS (amb/6BC2)
Content-Length: 280
push.services.mozilla.com/
52.42.234.253 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QSIVaerkYxt7axu2fcpn1g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QivDQQ9ZuxNja3YSVd5mtaj2giA=
zelenka.guru/public/2017/zelenka.png
151.80.169.28 200 OK 9.6 kB URL HTTP/2 zelenka.guru/public/2017/zelenka.png
IP 151.80.169.28:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 152x152, components 3\012- data
Hash fadafbda2fab7c8a1feed8c6e00abcee
887f25e551c19dafeb8c0f00f30ab58fc2211346
e3742682cfdd81665035a5e97e6b43d5891e2379ab6c2b06dbd764e672965d4d
GET /public/2017/zelenka.png HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/png
content-length: 9579
last-modified: Fri, 19 Aug 2022 15:39:15 GMT
etag: "62ffaea3-256b"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
zelenka.guru/favicon.svg?4
151.80.169.28 200 OK 1.4 kB URL HTTP/2 zelenka.guru/favicon.svg?4
IP 151.80.169.28:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (626)
Hash d22fbfe2ced1c6d4a8997bdb0c38d3b5
d57652506d9d076d17f556fe8ed29c2fa5a88ceb
f223ae0076c1bf119bc649fad179dfaf5a11aa91d3104957002678837c1a716a
Analyzer Verdict Alert fortinet Malware
GET /favicon.svg?4 HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
content-length: 1352
last-modified: Thu, 25 Aug 2022 11:38:05 GMT
etag: "63075f1d-548"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 358c257499d42a0dc69b3e8b8a0cf1b4
70a62a1a7daf687f820e1041416e979ed0c3a49a
1b712857bc90746193111e04c6b2eac622ab9c843bca0cf30e897bff9d42216c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 15:46:38 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 28 Dec 2022 13:17:15 GMT
ETag: "70a62a1a7daf687f820e1041416e979ed0c3a49a"
Last-Modified: Sat, 24 Dec 2022 13:17:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3453
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ea78910f370b06-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 5406e95a38d1960cd1e3a07843b6f0b2
22b0a5f45018a069fcb5269d1f258d459fafdb67
e00675e9b76764444224c12c062689f66480cddd048985502f7c697892cbeb3a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Dec 2022 15:46:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 28 Dec 2022 13:28:49 GMT
ETag: "22b0a5f45018a069fcb5269d1f258d459fafdb67"
Last-Modified: Sat, 24 Dec 2022 13:28:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2743
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ea78911936b51d-OSL
counter.yadro.ru/hit?t52.6;rhttps%3A//zelenka.guru/market/44873032/;s1280*1024*24;uhttps%3A//zelenka.guru/market/44873032/;hBrawl%20stars%2C%20%u0445%u043E%u0440%u043E%u0448%u0438%u0439%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%20%28%u0440%u0430%u0431%u043E%u0447%u0430%u044F%20%u043F%u043E%u0447%u0442%u0430%29%20-%20%u0410%u043A%u043A%u0430%u0443%u043D%u0442%u044B%20Supercell%20-%20Lolzteam%20Market;0.32336402164746303
88.212.202.52 200 OK 438 B URL HTTP/1.1 counter.yadro.ru/hit?t52.6;rhttps%3A//zelenka.guru/market/44873032/;s1280*1024*24;uhttps%3A//zelenka.guru/market/44873032/;hBrawl%20stars%2C%20%u0445%u043E%u0440%u043E%u0448%u0438%u0439%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%20%28%u0440%u0430%u0431%u043E%u0447%u0430%u044F%20%u043F%u043E%u0447%u0442%u0430%29%20-%20%u0410%u043A%u043A%u0430%u0443%u043D%u0442%u044B%20Supercell%20-%20Lolzteam%20Market;0.32336402164746303
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash e87f20a7e776b2fecdef6a2973ccd338
18f5248fed122486d6f219643759ab2f0c285cee
d74888b4cffd8562c2d426b2a2c0837309764b53de6c3815466ce380023a57e8
GET /hit?t52.6;rhttps%3A//zelenka.guru/market/44873032/;s1280*1024*24;uhttps%3A//zelenka.guru/market/44873032/;hBrawl%20stars%2C%20%u0445%u043E%u0440%u043E%u0448%u0438%u0439%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%20%28%u0440%u0430%u0431%u043E%u0447%u0430%u044F%20%u043F%u043E%u0447%u0442%u0430%29%20-%20%u0410%u043A%u043A%u0430%u0443%u043D%u0442%u044B%20Supercell%20-%20Lolzteam%20Market;0.32336402164746303 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 24 Dec 2022 15:46:38 GMT
Content-Type: image/gif
Content-Length: 438
Connection: keep-alive
Expires: Thu, 23 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
mc.yandex.ru/metrika/tag.js
93.158.134.119 200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash 4ad3a9bdf7c16acf5188c13b2fe7e505
7c6558b7baaaf2237d8c40eaa3f7e1f7d7e68323
846e47f58eaca2c2f69997c6d091e6e787f4f57010285216ce6551746ba50126
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73617
date: Sat, 24 Dec 2022 15:46:38 GMT
access-control-allow-origin: *
etag: "63a5613b-11f91"
expires: Sat, 24 Dec 2022 16:46:38 GMT
last-modified: Fri, 23 Dec 2022 11:05:15 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 24 Dec 2022 15:46:39 GMT
access-control-allow-origin: *
etag: "63a5613b-2b"
expires: Sat, 24 Dec 2022 16:46:39 GMT
accept-ranges: bytes
last-modified: Fri, 23 Dec 2022 11:05:15 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/85597711?wmode=7&page-url=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A643%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1544905581703%3Ahid%3A786993034%3Az%3A0%3Ai%3A20221224154637%3Aet%3A1671896797%3Ac%3A1%3Arn%3A553438376%3Arqn%3A1%3Au%3A1671896797654952804%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C111%2C0%2C%2C0%2C%2C367%2C56%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671896796038%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671896797%3At%3ABrawl%20stars%2C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B8%D0%B9%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%20(%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B0%D1%8F%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0)%20-%20%D0%90%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D1%8B%20Supercell%20-%20Lolzteam%20Market&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119 302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/85597711?wmode=7&page-url=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A643%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1544905581703%3Ahid%3A786993034%3Az%3A0%3Ai%3A20221224154637%3Aet%3A1671896797%3Ac%3A1%3Arn%3A553438376%3Arqn%3A1%3Au%3A1671896797654952804%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C111%2C0%2C%2C0%2C%2C367%2C56%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671896796038%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671896797%3At%3ABrawl%20stars%2C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B8%D0%B9%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%20(%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B0%D1%8F%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0)%20-%20%D0%90%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D1%8B%20Supercell%20-%20Lolzteam%20Market&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash d9c8eb9149ee217d8c0e4882fc37b6e6
cded873993394775b270bba721375c60f5880fe4
fc5e935d870e4e112a25c678a75a5abcb49ac563c652e91c3b7f5f2a43ae9e49
GET /watch/85597711?wmode=7&page-url=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A643%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1544905581703%3Ahid%3A786993034%3Az%3A0%3Ai%3A20221224154637%3Aet%3A1671896797%3Ac%3A1%3Arn%3A553438376%3Arqn%3A1%3Au%3A1671896797654952804%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C111%2C0%2C%2C0%2C%2C367%2C56%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671896796038%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671896797%3At%3ABrawl%20stars%2C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B8%D0%B9%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%20(%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B0%D1%8F%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0)%20-%20%D0%90%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D1%8B%20Supercell%20-%20Lolzteam%20Market&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zelenka.guru
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/85597711/1?wmode=7&page-url=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A643%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1544905581703%3Ahid%3A786993034%3Az%3A0%3Ai%3A20221224154637%3Aet%3A1671896797%3Ac%3A1%3Arn%3A553438376%3Arqn%3A1%3Au%3A1671896797654952804%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C111%2C0%2C%2C0%2C%2C367%2C56%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671896796038%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671896797%3At%3ABrawl%20stars%2C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B8%D0%B9%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%20%28%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B0%D1%8F%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%29%20-%20%D0%90%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D1%8B%20Supercell%20-%20Lolzteam%20Market&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 24 Dec 2022 15:46:39 GMT
access-control-allow-origin: https://zelenka.guru
set-cookie: yabs-sid=144670411671896799; Path=/; SameSite=None; Secure
i=PGiTDH/8G/kOgpC2zAApPUcmjmIKnIwM7Lz4+jEnr3rtAXWLAuMeFLbGMEta8IkndX84161ddpXpwHIiPABkx80/HCc=; Expires=Tue, 21-Dec-2032 15:46:38 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2897766901671896799; Expires=Sun, 24-Dec-2023 15:46:39 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2897766901671896799; Expires=Sun, 24-Dec-2023 15:46:39 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1703432799.yc.1671896799#1703432799.yrts.1671896799#1703432799.yrtsi.1671896799; Expires=Sun, 24-Dec-2023 15:46:39 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 24-Dec-2022 15:46:39 GMT
last-modified: Sat, 24-Dec-2022 15:46:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-J7RS527GFK&gtm=2oebu0&_p=1905931429&cid=15927514.1671896797&ul=en-us&sr=1280x1024&_s=1&sid=1671896796&sct=1&seg=0&dl=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&dr=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&dt=Brawl%20stars%2C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B8%D0%B9%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%20(%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B0%D1%8F%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0)%20-%20%D0%90%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D1%8B%20Supercell%20-%20Lolzteam%20Market&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-J7RS527GFK&gtm=2oebu0&_p=1905931429&cid=15927514.1671896797&ul=en-us&sr=1280x1024&_s=1&sid=1671896796&sct=1&seg=0&dl=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&dr=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&dt=Brawl%20stars%2C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B8%D0%B9%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%20(%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B0%D1%8F%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0)%20-%20%D0%90%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D1%8B%20Supercell%20-%20Lolzteam%20Market&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-J7RS527GFK&gtm=2oebu0&_p=1905931429&cid=15927514.1671896797&ul=en-us&sr=1280x1024&_s=1&sid=1671896796&sct=1&seg=0&dl=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&dr=https%3A%2F%2Fzelenka.guru%2Fmarket%2F44873032%2F&dt=Brawl%20stars%2C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B8%D0%B9%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%20(%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B0%D1%8F%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0)%20-%20%D0%90%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D1%8B%20Supercell%20-%20Lolzteam%20Market&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zelenka.guru
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://zelenka.guru
date: Sat, 24 Dec 2022 15:46:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10849
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 15:46:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10849
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 15:46:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10849
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 15:46:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10849
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 15:46:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10849
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 15:46:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da0372fd2038366c47d4eaff7e31c329
48a7cd1908c184cbecbb67fd3ec5e5a9208dadf0
f0e09b0931450057e6b5f7fdd6d73de0702b170497d7075464edc168ea74a4a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11295
x-amzn-requestid: fb26918b-7ea2-4134-89d5-2d93fc250d7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkr1ZHxToAMFnvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4f355-7b5d44017abbb9ed5348bb09;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 00:16:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: No42EoC9OuoVPD6lbQ3yqj_cdmhkHwfErYwPjsdMTBP2EEoIPVyyMw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 09:06:19 GMT
age: 24021
etag: "48a7cd1908c184cbecbb67fd3ec5e5a9208dadf0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Es7YaIRVfiybyKGY41ZE5UYSN0bfn6LmOUqcYZASi9QsXQqR9NSwTA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 07:07:36 GMT
age: 31144
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d90b80ebad103c48c3043c8d5e4c3ca
ab36c9309ce13b2a3d075461c2445f76bfc582aa
2287a6db0a6a58c570930c1f94c3b36d7acf383b26cdfa42261eb254598fa7c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7669
x-amzn-requestid: 4b35e79d-21c8-48d7-b11b-44bd820e29d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnROG4UoAMFZdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f3a-765739ad7e9063781ccb12b2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhQA2yVBNtJ04goTms0KXhX6Q4v86TEe4EUioQs3eJzzMsCxbVmykw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:58 GMT
age: 65202
etag: "ab36c9309ce13b2a3d075461c2445f76bfc582aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33d7fa2f0af62e65eb23c36297749038
d28362f2babfde4ca02f309b80be75bfc520de9a
070da72e06d4492a954b130ff6bef5ca5fd625f0fcfee81e801ef26a03d07e2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7478
x-amzn-requestid: b9f7f6d8-fada-45fd-80a7-3ac122dae6fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoYlEbVIAMF_lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a62103-15601045320b166c295d24d2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:43:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1lxJbDYXaWwexDy9roJuh8FUu85Vi7qHtkZYBze8SbE2dWCCxH7duw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:01 GMT
age: 64659
etag: "d28362f2babfde4ca02f309b80be75bfc520de9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92387330acabeb3e5475a52f789314e
c27aa6c638e130063905e556d5d2213dcadb690f
b67e7688d3ed7d4a7aaa9bae8c083f296ed9f52986e8bddbcc93ac13ae02a6af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4576
x-amzn-requestid: 81468234-ef31-40ad-b003-2d22e8fd2ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnpAGi8oAMFXBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fd3-0ddf619f2677a5a134334202;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IxJvwJFHYzKzXY7mfM3nIRaRoDVu3auCR-dYq-zI_v77uau1cRT1LA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:04 GMT
age: 64656
etag: "c27aa6c638e130063905e556d5d2213dcadb690f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3071a834e874a992c3b14f7a3f91b30f
559014c7e6e5019097b7da8b3a820a80a1f55b6c
4f8e29303936b4168f0ad765d8a2773a7247f249396147f68f6f9639b1ad1208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 32dbf731-a18f-4150-b3cd-f30d2ab3c6a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoi1GY2oAMFesg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a62145-55a5f14a6ea6e7dc3754a8be;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:44:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DC1Eu98-ihibH4I6ZY03Af2PxBrywSyjnoJRR2N453KiYvsa6hGefw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:04 GMT
age: 64656
etag: "559014c7e6e5019097b7da8b3a820a80a1f55b6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zelenka.guru/js/lolzteam/xenforo/xenforo.js?_v=1dff4f8d1
151.80.169.28 200 OK 0 B URL HTTP/2 zelenka.guru/js/lolzteam/xenforo/xenforo.js?_v=1dff4f8d1
IP 151.80.169.28:0
Analyzer Verdict Alert fortinet Malware
GET /js/lolzteam/xenforo/xenforo.js?_v=1dff4f8d1 HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 11:02:01 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"63a6dc29-6d26d"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;1,400;1,600&display=swap
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;1,400;1,600&display=swap
IP 142.250.74.106:0
GET /css2?family=Open+Sans:ital,wght@0,400;0,600;1,400;1,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Dec 2022 15:46:38 GMT
date: Sat, 24 Dec 2022 15:46:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zelenka.guru/styles/market/newyear-logomarket-536px.svg
151.80.169.28 200 OK 0 B URL HTTP/2 zelenka.guru/styles/market/newyear-logomarket-536px.svg
IP 151.80.169.28:0
Analyzer Verdict Alert fortinet Malware
GET /styles/market/newyear-logomarket-536px.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/css.php?css=xenforo,form,public&style=9&dir=LTR&d=1671889473
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 19:11:17 GMT
etag: W/"6398ce55-46b8"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/users.svg
151.80.169.28 200 OK 0 B URL HTTP/2 zelenka.guru/styles/mm/users.svg
IP 151.80.169.28:0
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/users.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 05 Sep 2022 09:36:33 GMT
etag: W/"6315c321-70b"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
zelenka.guru/js/lolzteam/FroalaEditor/fix.js?_v=1dff4f8d
151.80.169.28 200 OK 0 B URL HTTP/2 zelenka.guru/js/lolzteam/FroalaEditor/fix.js?_v=1dff4f8d
IP 151.80.169.28:0
GET /js/lolzteam/FroalaEditor/fix.js?_v=1dff4f8d HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 12:40:21 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"63a6f335-4b18"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
zelenka.guru/js/lolzteam/mmenu-light.js?_v=1dff4f8d
151.80.169.28 200 OK 0 B URL HTTP/2 zelenka.guru/js/lolzteam/mmenu-light.js?_v=1dff4f8d
IP 151.80.169.28:0
Analyzer Verdict Alert fortinet Malware
GET /js/lolzteam/mmenu-light.js?_v=1dff4f8d HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 11:35:26 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"636e337e-984"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
zelenka.guru/styles/mm/profile.svg
151.80.169.28 200 OK 0 B URL HTTP/2 zelenka.guru/styles/mm/profile.svg
IP 151.80.169.28:0
Analyzer Verdict Alert fortinet Malware
GET /styles/mm/profile.svg HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 05 Sep 2022 09:36:33 GMT
etag: W/"6315c321-b7c"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
zelenka.guru/js/lolzteam/im/mustache.min.js
151.80.169.28 200 OK 0 B URL HTTP/2 zelenka.guru/js/lolzteam/im/mustache.min.js
IP 151.80.169.28:0
Analyzer Verdict Alert fortinet Malware
GET /js/lolzteam/im/mustache.min.js HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: application/javascript
last-modified: Mon, 23 May 2022 09:52:26 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"628b595a-26e1"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
zelenka.guru/js/lolzteam/FroalaEditor/utility.js?_v=1dff4f8d
151.80.169.28 200 OK 0 B URL HTTP/2 zelenka.guru/js/lolzteam/FroalaEditor/utility.js?_v=1dff4f8d
IP 151.80.169.28:0
Analyzer Verdict Alert fortinet Malware
GET /js/lolzteam/FroalaEditor/utility.js?_v=1dff4f8d HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 20:49:18 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"63a3714e-d66"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
zelenka.guru/js/market/core.min.js?25&_v=1dff4f8d
151.80.169.28 200 OK 0 B URL HTTP/2 zelenka.guru/js/market/core.min.js?25&_v=1dff4f8d
IP 151.80.169.28:0
GET /js/market/core.min.js?25&_v=1dff4f8d HTTP/1.1
Host: zelenka.guru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelenka.guru/market/44873032/
Cookie: sfwefwe=7d0c17287f652c7263c275df0e332489; xf_market_items_viewed=44873032; xf_session=351d38cf16c957aca252b16d8b14c18e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 15:46:38 GMT
content-type: application/javascript
last-modified: Sat, 24 Dec 2022 12:40:23 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"63a6f337-f413"
expires: Tue, 27 Dec 2022 15:46:38 GMT
cache-control: max-age=259200
access-control-allow-origin: https://lzt.market
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: x-ajax-referer
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2