tk3.clan.su/forum/20-137-1
193.109.247.239 301 Moved Permanently 178 B URL HTTP/1.1 tk3.clan.su/forum/20-137-1
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
GET /forum/20-137-1 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 29 Nov 2022 22:29:54 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://tk3.clan.su/forum/20-137-1
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Wed, 30 Nov 2022 00:16:46 GMT
Date: Tue, 29 Nov 2022 22:29:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 55 B
IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3651
Content-Type: text/html
Date: Tue, 29 Nov 2022 22:29:44 GMT
Etag: "63866bad-37"
Last-Modified: Tue, 29 Nov 2022 20:29:33 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 55
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 22:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 709
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8603
Expires: Wed, 30 Nov 2022 00:53:07 GMT
Date: Tue, 29 Nov 2022 22:29:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wtczh+ETbHuTSVYtum5fULuAbBHZW/Os/x56kNnMuSIDlfMRXES7IkYHuYsWVAIr2tGdDssYa8E=
x-amz-request-id: VCJC5GHVHAB5Q0K0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 21:44:58 GMT
age: 2686
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 22:29:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 22:08:56 GMT
cache-control: public,max-age=3600
age: 1248
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1471
Cache-Control: max-age=126094
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 22:29:45 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:31:19 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.71.202.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.71.202.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EoK+GwQtUOhQzpdGR29ZTw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KQZOk3jgpT2xc2Dv45H00aWa4Mc=
tk3.clan.su/forum/20-137-1
193.109.247.239 200 OK 22 kB URL HTTP/1.1 tk3.clan.su/forum/20-137-1
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type HTML document text; HTML document text; HTML document, Unicode text, UTF-8 text, with very long lines (3546)
Hash e41a309af5b573b3f60c90e306a933e0
9b2f96e53ce312ea3b27f6cd75512bc9ad8b7ed8
12a986c83ee445826a37bdfbf011d0ff1f966e0dd054675502b1b88497bb4466
Analyzer Verdict Alert fortinet Phishing
GET /forum/20-137-1 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 6tk3uCoz=; path=/; expires=Sun, 29-Nov-2020 22:29:56 GMT; Secure; HttpOnly; domain=.tk3.clan.su
Set-Cookie: 6tk3uzfss=lt%3D1669760996%2Cpst%3D1669742996; path=/forum; expires=Wed, 29-Nov-2023 22:29:56 GMT; Secure; domain=.tk3.clan.su
Set-Cookie: 6tk3f0=; path=/forum; expires=Wed, 29-Nov-2023 22:29:56 GMT; Secure; domain=.tk3.clan.su
Set-Cookie: 6tk3pushi=1; path=/; expires=Wed, 30-Nov-2022 21:29:56 GMT; Secure
Pragma: no-cache
Vary: host
Last-Modified: Tue, 29 Nov 2022 22:15:45 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
tk3.clan.su/?7O1R%5ECYQlJOdbSaEWJUPQVuV2OYInGM0CW%5Ecc%21zmwqy341ptufEN%3BP1y9qrbOnKNuhYrCKqExpbI7u58Mwd%21Z6x4il9m6HHvW8VLvi9g01Vviyi0An6S1EjUpFQXIS9kKtDRzB%3BTNVd3z32hv2InYlahY94iHFB1A25RG4mMw1q0yWXrtsav4t0VzXM7EErcws%3BlKpDyuViW3sHsn7Eo
193.109.247.239 200 OK 1.1 kB URL HTTP/1.1 tk3.clan.su/?7O1R%5ECYQlJOdbSaEWJUPQVuV2OYInGM0CW%5Ecc%21zmwqy341ptufEN%3BP1y9qrbOnKNuhYrCKqExpbI7u58Mwd%21Z6x4il9m6HHvW8VLvi9g01Vviyi0An6S1EjUpFQXIS9kKtDRzB%3BTNVd3z32hv2InYlahY94iHFB1A25RG4mMw1q0yWXrtsav4t0VzXM7EErcws%3BlKpDyuViW3sHsn7Eo
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
Hash f6827573bd82906fd98a130116fe5056
66660738b65290fb635a7737c3b7e27c87e12d93
59ef18d19fffe5b69d2490a594f4dc49175014c66a7ebc14616c71de90be63a9
Analyzer Verdict Alert fortinet Phishing
GET /?7O1R%5ECYQlJOdbSaEWJUPQVuV2OYInGM0CW%5Ecc%21zmwqy341ptufEN%3BP1y9qrbOnKNuhYrCKqExpbI7u58Mwd%21Z6x4il9m6HHvW8VLvi9g01Vviyi0An6S1EjUpFQXIS9kKtDRzB%3BTNVd3z32hv2InYlahY94iHFB1A25RG4mMw1q0yWXrtsav4t0VzXM7EErcws%3BlKpDyuViW3sHsn7Eo HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 22:29:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
142.250.74.164 200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP 142.250.74.164:0
File type ASCII text, with very long lines (905), with no line terminators
Hash fe0e23ea2d335147e24f50690aa39c7c
ef74d6655ba8efb294f7ed55e6be16d315381edd
fcccb37edb611bf2580bf74646d25e4fb3660d305c66de3c8571bedfc2dac228
GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 29 Nov 2022 22:29:45 GMT
date: Tue, 29 Nov 2022 22:29:45 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 22:29:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tk3.clan.su/_st/my.css
193.109.247.239 200 OK 3.6 kB
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type assembler source, ASCII text
Hash 6864465137b2546eb44e85ec47d506c9
5fb39d23ee7b9888dae11d14ed3873de2bce56b3
5c36df28840f3f800a963b9871c60e4ac7b8a6976e04e9a785089aef1983eea4
GET /_st/my.css HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/css
Last-Modified: Wed, 11 Jun 2008 01:00:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"484f23a1-41ae"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
tk3.clan.su/.s/src/base.min.css
193.109.247.239 200 OK 6.1 kB URL HTTP/1.1 tk3.clan.su/.s/src/base.min.css
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (24443), with no line terminators
Hash 629527310ba26cfc236c016e14662321
7a87daed5934db9729f12653e67c8de9d4365d58
134e836199a74c0b501c4e1a46dd3625f4696dc608d1052136ee455c2c2d2509
GET /.s/src/base.min.css HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Oct 2022 13:44:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6345734f-5f7b"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
tk3.clan.su/script/topmsg.js
193.109.247.239 200 OK 959 B URL HTTP/1.1 tk3.clan.su/script/topmsg.js
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
Hash 56d9466b02d9cf67e688d65ea0f85380
e4df1e2db2d39f005b7c6ac38bb63125b5773711
846847f02ad1c3cc6bc8aefa9e3469a9f584517dac86034627ac5be1dbb76809
Analyzer Verdict Alert fortinet Phishing
GET /script/topmsg.js HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/javascript
Last-Modified: Tue, 03 Jun 2008 00:34:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4844917b-af9"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
tk3.clan.su/?Vstu6NkZ8GC7L4NdmwKY1cOFs55%5EuwI0JK%5EtyUUD%218xKfIJ3vKADuk4Xfv3FX1%5EC33LuECDzpx3IRjj%5E95q5D1%218uUvKC1WHMywdF6uAiWdwiSpN7v%21Ldb21eST7wBZXPqEwVqzEYT%21z27j3bfQEquXd9ymN2gLEPMcmhjsEHL92gZy1psg0EhKla5wXH0cFCy9BXSqPOSpHlx%3Bo
193.109.247.239 200 OK 811 B URL HTTP/1.1 tk3.clan.su/?Vstu6NkZ8GC7L4NdmwKY1cOFs55%5EuwI0JK%5EtyUUD%218xKfIJ3vKADuk4Xfv3FX1%5EC33LuECDzpx3IRjj%5E95q5D1%218uUvKC1WHMywdF6uAiWdwiSpN7v%21Ldb21eST7wBZXPqEwVqzEYT%21z27j3bfQEquXd9ymN2gLEPMcmhjsEHL92gZy1psg0EhKla5wXH0cFCy9BXSqPOSpHlx%3Bo
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
Hash 4a33e7cd7558f3f5a86d0fc27aee8c90
50fc0ad44d3917690997ca278091e53d0d575362
d6304d22c2821d367e3697cb9fa4e6dbeb093b8634fccd35312664d30d72b330
Analyzer Verdict Alert fortinet Phishing
GET /?Vstu6NkZ8GC7L4NdmwKY1cOFs55%5EuwI0JK%5EtyUUD%218xKfIJ3vKADuk4Xfv3FX1%5EC33LuECDzpx3IRjj%5E95q5D1%218uUvKC1WHMywdF6uAiWdwiSpN7v%21Ldb21eST7wBZXPqEwVqzEYT%21z27j3bfQEquXd9ymN2gLEPMcmhjsEHL92gZy1psg0EhKla5wXH0cFCy9BXSqPOSpHlx%3Bo HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
tk3.clan.su/.s/src/layer6.min.css
193.109.247.239 200 OK 5.3 kB URL HTTP/1.1 tk3.clan.su/.s/src/layer6.min.css
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (22098), with no line terminators
Hash 2580ce15af347707c568243d05cb6810
fba774a14a47017071aae048807d212e37c1d04d
a78ab9553bd3baefd4148deb2aa641aa76f12729c341fbb9f05ad2c571391723
GET /.s/src/layer6.min.css HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/css
Last-Modified: Tue, 11 Oct 2022 12:50:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6345668d-5652"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
tk3.clan.su/.s/src/ulightbox/ulightbox.min.css
193.109.247.239 200 OK 1.4 kB URL HTTP/1.1 tk3.clan.su/.s/src/ulightbox/ulightbox.min.css
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (4552), with no line terminators
Hash 9c03edbcbefe3eea8902981444de96f7
ca39997a1765ab084fb7e6740858176b9385c4ca
8487aa6ee4bd261bdf1f5b681cf96d347cd980ed45183c5a2a9571db6c891a08
GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
tk3.clan.su/.s/src/ulightbox/ulightbox.min.js
193.109.247.239 200 OK 7.6 kB URL HTTP/1.1 tk3.clan.su/.s/src/ulightbox/ulightbox.min.js
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (22291), with no line terminators
Hash 3bb3aaa5262067cec461b32298975b05
4e11bfe49cd05fcdbd1e692fc87788da07e62161
61fa91bb508bfda7ee487ffaf0e38aa71cfab1ce78bb108d6c6140dc9b35ab22
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/javascript
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-5713"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
s4.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.346562359013859
193.109.247.239 200 OK 0 B URL HTTP/1.1 s4.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.346562359013859
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.346562359013859 HTTP/1.1
Host: s4.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
tk3.clan.su/.s/src/jquery-3.6.0.min.js
193.109.247.239 200 OK 31 kB URL HTTP/1.1 tk3.clan.su/.s/src/jquery-3.6.0.min.js
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (65447)
Hash 08df9f54c9e2e91db3aadc1baff368a5
a8e6c9343489d3c36cf262a10f59d22540248c49
417453d1fcaba01d9543b7649fc12ee865e118714d5f86a8316216e9bb4fdd20
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/jquery-3.6.0.min.js HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/javascript
Last-Modified: Thu, 01 Sep 2022 17:43:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef5d-15d9d"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
tk3.clan.su/.s/src/uwnd.min.js
193.109.247.239 200 OK 57 kB URL HTTP/1.1 tk3.clan.su/.s/src/uwnd.min.js
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20adfead3a54ad11599adb1bab3d6fc6
23bb516448d5c643cb186ad9aec426388aa79dfd
b49b11429b509cf608a66bbcebc13cf63fa444b998c1a678d1bebfe33f7c2ff4
Analyzer Verdict Alert fortinet Phishing
GET /.s/src/uwnd.min.js HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
tk3.clan.su/image/icon/p_profile.gif
193.109.247.239 200 OK 287 B URL HTTP/1.1 tk3.clan.su/image/icon/p_profile.gif
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 47 x 12; data
Hash 7e7063436315cc1a29179de7e30bf130
5ded81345f20a2d607165b58b22a04c0800140d6
8a3de824aae63ae756aea3534cccc4b8dd48d3ebf089c1cb2645f51d7339882d
GET /image/icon/p_profile.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 287
Last-Modified: Wed, 23 Apr 2008 19:21:36 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c40-11f"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
src.ucoz.net/sm/23/biggrin.gif
195.216.243.221 200 OK 467 B URL HTTP/1.1 src.ucoz.net/sm/23/biggrin.gif
IP 195.216.243.221:0
File type GIF image data, version 89a, 20 x 20; data
Hash 97c84d06a265a30be2f4bf1f63a1d452
763e3c3ca54ff60b358d8a6e1511a9731f103093
6e93db19553909adf2f7dddecb69b0de52ad1d6685002cff865c171bff86114b
GET /sm/23/biggrin.gif HTTP/1.1
Host: src.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:40 GMT
Content-Type: image/gif
Content-Length: 467
Last-Modified: Wed, 01 Apr 2009 09:03:25 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "49d32ddd-1d3"
Expires: Fri, 09 Dec 2022 22:29:40 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
tk3.clan.su/avatar/51/7196-699449.jpg
193.109.247.239 200 OK 5.1 kB URL HTTP/1.1 tk3.clan.su/avatar/51/7196-699449.jpg
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 110x110, components 3; data
Hash 9d9f8bd0b369c388a51e294c4d221140
b698679c4faa0e1e281c18f9e2283e8aa3601bd3
0c856b8075c54d01fe1fd09c744c77fa3221c55e4b50d55b4a93cd58177fd7d9
GET /avatar/51/7196-699449.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/jpeg
Content-Length: 5142
Last-Modified: Tue, 30 Aug 2016 03:51:50 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "57c502d6-1416"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/image/icon/p_www.gif
193.109.247.239 200 OK 351 B URL HTTP/1.1 tk3.clan.su/image/icon/p_www.gif
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 28 x 12; data
Hash 5023192b204be568c2a55faba66161ab
6e977eb49b8204c8cbf951ef58562c6735799097
3a4e2287cbf1c00807a468c8430e3d24c6375623bf5de7cb480974c6f511a1cd
GET /image/icon/p_www.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 351
Last-Modified: Wed, 23 Apr 2008 19:21:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c4c-15f"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/image/icon/p_up.gif
193.109.247.239 200 OK 144 B URL HTTP/1.1 tk3.clan.su/image/icon/p_up.gif
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 12 x 12\012- data
Hash 0fbf4fcc0fb8f606a89b54e7f7442c14
29e531351fcbb54429e58459c6404a2f11019bd1
7bf33a8355a7957c813ee581822126b006e53573427ba58670f9cbe306ad2e3d
GET /image/icon/p_up.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 144
Last-Modified: Wed, 23 Apr 2008 19:21:44 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c48-90"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/image/avatar.gif
193.109.247.239 200 OK 10 kB URL HTTP/1.1 tk3.clan.su/image/avatar.gif
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 110 x 110\012- data
Hash 99db82236dfb7eb4dbbfc5591c8859e5
f0bacb576ee146b1ab4e61fd916bedb528ba48ed
2c790f4ce263a342d5d5ef6576203c78be71f935f7518076858155a425600ca0
GET /image/avatar.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 9982
Last-Modified: Sun, 07 Sep 2008 17:40:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c411fd-26fe"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.ucoz.ru/status/admin.gif
195.216.243.102 200 OK 1.4 kB URL HTTP/1.1 tk3.ucoz.ru/status/admin.gif
IP 195.216.243.102:0
File type GIF image data, version 89a, 64 x 12\012- data
Hash 00f16e507b1827be63c291552f162de3
3257100bec5ca96dd378425b5c10f8029ea0b9a0
20acc63f00ec4c56f073bdfbfc968c10860dce61df74630bfed5ad38aa3dd31a
GET /status/admin.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:54 GMT
Content-Type: image/gif
Content-Length: 1411
Last-Modified: Fri, 04 Apr 2008 06:49:51 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "47f5cf8f-583"
Expires: Mon, 19 Dec 2022 22:29:54 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.ucoz.ru/status/power_user.gif
195.216.243.102 200 OK 2.0 kB URL HTTP/1.1 tk3.ucoz.ru/status/power_user.gif
IP 195.216.243.102:0
File type GIF image data, version 89a, 64 x 12\012- data
Hash 5200183d002b936884575dc52e82a7c3
e19149fe07cb716206ec9878ed0d8750086d62c2
d9f0e037906caea0fb03d28ef9d17c2d12f29f255dbc0d2884c3d1f657d1d3e8
GET /status/power_user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:54 GMT
Content-Type: image/gif
Content-Length: 2030
Last-Modified: Fri, 04 Apr 2008 06:50:08 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "47f5cfa0-7ee"
Expires: Mon, 19 Dec 2022 22:29:54 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/image/icon/p_icq.gif
193.109.247.239 200 OK 352 B URL HTTP/1.1 tk3.clan.su/image/icon/p_icq.gif
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 28 x 12\012- data
Hash 6676374b78a919e8dc78df1708898694
86475187928e68387c548acf926c97220e9f2bfc
603d4c83573870a231b73815301aeefe10b6f1614d583aef7043b932f0c835b2
GET /image/icon/p_icq.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 352
Last-Modified: Wed, 23 Apr 2008 19:21:29 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c39-160"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.ucoz.ru/status/user.gif
195.216.243.102 200 OK 1.4 kB URL HTTP/1.1 tk3.ucoz.ru/status/user.gif
IP 195.216.243.102:0
File type GIF image data, version 89a, 64 x 12\012- data
Hash ebba6ed2311768ffb79f000bc8f91c6a
41e2290d783f96e6e57125740c6ba5fbd4af13f5
2752715259d57c3eb6d62e547494123d2465eb7d120836868cd220b3f279ae2e
GET /status/user.gif HTTP/1.1
Host: tk3.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:54 GMT
Content-Type: image/gif
Content-Length: 1410
Last-Modified: Fri, 04 Apr 2008 06:50:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "47f5cfa5-582"
Expires: Mon, 19 Dec 2022 22:29:54 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/avatar/38/2504-877734.jpg
193.109.247.239 200 OK 34 kB URL HTTP/1.1 tk3.clan.su/avatar/38/2504-877734.jpg
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2008:06:26 23:46:49], progressive, precision 8, 110x110, components 3\012- data
Hash 7fcd9d6056fede65898f0ca907cec796
a6765913d0f1b46b91e97d9c80ea5a178a40e143
e6387ca224f1357e0814c20895676219f6e7133e162ead814c3ecb10f716f452
GET /avatar/38/2504-877734.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/jpeg
Content-Length: 33474
Last-Modified: Fri, 20 May 2016 07:09:07 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "573eb813-82c2"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/style/1.gif
193.109.247.239 200 OK 826 B
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 9 x 9\012- data
Hash 1f1b16416ebfbb801f969af2502ea82c
cb7e1dd0f6084e945fae05e901dbc0cae47e4edf
65daea5c6705a8b09c2e8956448bb9e7920d08c3986899c0d2be7c5ff6c73aba
GET /style/1.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 826
Last-Modified: Sun, 06 Jan 2008 17:56:33 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "47811651-33a"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/style/4.gif
193.109.247.239 200 OK 787 B
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 23 x 23\012- data
Hash 0507a3173a48c496fd3d0b50fd153be9
9b6adac8b643bfeb46771d74bbfe549049be04ae
9c774c14bced85b9769f251fb46435d326702197bb3456ec0c89f12bc8c4dcd6
GET /style/4.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 787
Last-Modified: Mon, 08 Sep 2008 21:47:23 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c59d6b-313"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
src.ucoz.ru/t/984/1.gif
193.109.246.58 200 OK 123 B
IP 193.109.246.58:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 9 x 9\012- data
Hash d6757bcf9148d36a51e294b2142b140f
13e4779784eeb6a3931b28d91e827eef0e5d12e7
a24727ed8baa6920f8bf384db0884df864d6a723d81f4f9d95aa4d585635f28b
GET /t/984/1.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:49 GMT
Content-Type: image/gif
Content-Length: 123
Last-Modified: Fri, 01 Apr 2016 13:34:32 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e8-7b"
Expires: Fri, 09 Dec 2022 22:29:49 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
src.ucoz.ru/t/984/8.gif
193.109.246.58 200 OK 72 B
IP 193.109.246.58:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 10 x 10\012- data
Hash f9d4d09e822eafeb8fe7310a7826eea2
abc73eb82dcee44b8003f1c69494c0bddf742746
9a7eac9c050276a3de116ee8fe986f50d23ffbb4b258de431efcee541ebe6266
GET /t/984/8.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:49 GMT
Content-Type: image/gif
Content-Length: 72
Last-Modified: Fri, 01 Apr 2016 13:34:32 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e8-48"
Expires: Fri, 09 Dec 2022 22:29:49 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
tk3.clan.su/style/6.gif
193.109.247.239 200 OK 808 B
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 3 x 6\012- data
Hash cd87b0af7870a612db000816a13c6815
528430cde09d04cd49bacc138eb61c619508f450
e82e65e717445916c4d6c00f3eeb23740cdbfed02cf9aaaaf4e0711c6a02b686
GET /style/6.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 808
Last-Modified: Sun, 06 Jan 2008 17:55:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "478115f4-328"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
src.ucoz.ru/t/984/15.gif
193.109.246.58 200 OK 187 B
IP 193.109.246.58:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 4 x 21\012- data
Hash 04246ae87fd5014d08d44f7813b62241
3faabb86fd79a5ae544e162ab81b663b218e75b5
f442593d0354ec444223d73251629b609eef7d083dba71ee57aba8d94bd73fac
GET /t/984/15.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:49 GMT
Content-Type: image/gif
Content-Length: 187
Last-Modified: Fri, 01 Apr 2016 13:34:32 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e8-bb"
Expires: Fri, 09 Dec 2022 22:29:49 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
tk3.clan.su/style/5_1.jpg
193.109.247.239 200 OK 27 kB URL HTTP/1.1 tk3.clan.su/style/5_1.jpg
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2008:09:09 00:51:08], baseline, precision 8, 180x23, components 3\012- data
Hash 0aaba67f87f7d619b9bba23e212d0452
3d647528b5ecdf90eb30374b3adce03b0caa5a1e
eb59305d3e2ad0663b48527403099d90ad1683e06a47f1c8ff9121b8cd34160f
GET /style/5_1.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/jpeg
Content-Length: 26778
Last-Modified: Mon, 08 Sep 2008 21:51:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c59e50-689a"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/stat/0.34994070320876225?03
193.109.247.239 302 Found 216 B URL HTTP/1.1 tk3.clan.su/stat/0.34994070320876225?03
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6c70cc8d3c0d88d8c4fb5b9b6398da07
f8aa728d11339eb81f8e439bacbe022686455ebc
2e5083e86f7817350fd12be2cadd1bd9e09ffeced9af58b8b8d3debfdad231aa
Analyzer Verdict Alert fortinet Phishing
GET /stat/0.34994070320876225?03 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 6tk3ucnid=PGzU42vcSf; domain=tk3.clan.su; path=/stat/94149970; expires=Tue, 29-Nov-2022 22:30:06 GMT
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://tk3.clan.su/stat/94149970?13
tk3.clan.su/image/icon/t_poll.gif
193.109.247.239 200 OK 352 B URL HTTP/1.1 tk3.clan.su/image/icon/t_poll.gif
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 70 x 12\012- data
Hash ff1c2710ca54bbc3200564a66a4355ad
859dd7bc26406fce197afacec81c72b1b0707152
62d9167ae06ac9b4054d001af52a60e369ec83dd5006c703674576787735b2e0
GET /image/icon/t_poll.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 352
Last-Modified: Wed, 23 Apr 2008 19:22:02 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c5a-160"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/?JnPWa6BgRUMwITg%3Bvb%5EpigTLdvV%3B2mbgeYm0l9eDXFa%21xvJdMmW98pBMvBN4tpnvhl00%5EYsUdtwhYIiO
193.109.247.239 200 OK 799 B URL HTTP/1.1 tk3.clan.su/?JnPWa6BgRUMwITg%3Bvb%5EpigTLdvV%3B2mbgeYm0l9eDXFa%21xvJdMmW98pBMvBN4tpnvhl00%5EYsUdtwhYIiO
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d0664b81c5b08a3691696394eb14b366
3cbad09e581a4264ae42aa9029b9efc697908c00
f14c56b17b558c9ee0be625bc78f5878dfedec2e2eb7272e7ad6f966d6359ee3
Analyzer Verdict Alert fortinet Phishing
GET /?JnPWa6BgRUMwITg%3Bvb%5EpigTLdvV%3B2mbgeYm0l9eDXFa%21xvJdMmW98pBMvBN4tpnvhl00%5EYsUdtwhYIiO HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip
src.ucoz.ru/t/984/2.gif
193.109.246.58 200 OK 46 B
IP 193.109.246.58:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 6 x 2\012- data
Hash 01f0dc9c8c733667f88395ff66065eb6
e856f1d032844e41794b898f2e01173da51b4cc3
8742bd93ec0583f2ab4d58e14895461df701a8938bf1ddaba3bfc004d979079a
GET /t/984/2.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:50 GMT
Content-Type: image/gif
Content-Length: 46
Last-Modified: Fri, 01 Apr 2016 13:34:32 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e8-2e"
Expires: Fri, 09 Dec 2022 22:29:50 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
tk3.clan.su/image/icon/t_reply.gif
193.109.247.239 200 OK 321 B URL HTTP/1.1 tk3.clan.su/image/icon/t_reply.gif
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 61 x 12\012- data
Hash 4cbabe760cd23595d48327f644db96ac
49c3a1a7dd3a7c46deff0e170dec4b253bdeae81
9e2d27180c9ef09d72ec8d35cae437411e5063311e60bf076c69210767979909
GET /image/icon/t_reply.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 321
Last-Modified: Wed, 23 Apr 2008 19:22:06 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c5e-141"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/avatar/08/3846-051017.jpg
193.109.247.239 200 OK 5.2 kB URL HTTP/1.1 tk3.clan.su/avatar/08/3846-051017.jpg
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=Paint.NET v3.22], baseline, precision 8, 110x119, components 3\012- data
Hash 5e7279b898ab358b313acf2a078996ee
b639bae33147272fc491598935349a29bc24902b
e0f3846e0cf4c4953bb943145436e6f0e5a9b4f0152aafc3da07078bce543b06
GET /avatar/08/3846-051017.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/jpeg
Content-Length: 5160
Last-Modified: Wed, 25 May 2016 02:11:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "574509bf-1428"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/style/bgblock.jpg
193.109.247.239 200 OK 95 kB URL HTTP/1.1 tk3.clan.su/style/bgblock.jpg
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2008:05:28 23:20:48], baseline, precision 8, 400x400, components 3\012- data
Hash e3d547488d67a4f0b78386bdaf180605
5662d9e41bffc18d3d2cd9bf8ade50028c0a78b5
e7bbe6c3aa301932978806741200261d16ca824cafbb3eea0e6c2344e0f92c92
GET /style/bgblock.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/jpeg
Content-Length: 95042
Last-Modified: Wed, 28 May 2008 20:20:14 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "483dbe7e-17342"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/stat/94149970?13
193.109.247.239 200 OK 421 B URL HTTP/1.1 tk3.clan.su/stat/94149970?13
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 87a, 88 x 31\012- data
Hash b41a26eb7d451a763f8a891a1a7e34cf
fb352f18e32985b65eed7a1ae66c88fa8ed8fe23
5fdc25014e88f0bd8af28bcac36fa2b49d76ff12df148b5e27063d68d6d133c6
Analyzer Verdict Alert fortinet Phishing
GET /stat/94149970?13 HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tk3.clan.su/forum/20-137-1
Connection: keep-alive
Cookie: 6tk3ucnid=PGzU42vcSf; 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: ucvid=CQIuP31VXO; domain=clan.su; path=/; expires=Wed, 29-Nov-2023 22:29:56 GMT
tk3.clan.su/image/icon/t_new.gif
193.109.247.239 200 OK 328 B URL HTTP/1.1 tk3.clan.su/image/icon/t_new.gif
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 64 x 12\012- data
Hash 6a379f736f17ba61e26d26c1c2cd7e10
fc28c9e0dc5a880bf64f6580eab33ecdcffa3cfd
5a6f6cd3a949578876360d3f4680cf6553f7c92cbd17a69bece2480dea94e2ad
GET /image/icon/t_new.gif HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 328
Last-Modified: Wed, 23 Apr 2008 19:21:52 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "480f8c50-148"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
s4.ucoz.net/adv/dummy/000/css/style.css
193.109.247.239 200 OK 1.6 kB URL HTTP/1.1 s4.ucoz.net/adv/dummy/000/css/style.css
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
Hash 50406c447ccad47ca9e5d53eff612ffb
16e3921585135a87a1066689c9c67a312d96c92d
01a0732bba96fb38be885a1d233fecf52e32c7e07e48cd05f6f07a3690ea304c
GET /adv/dummy/000/css/style.css HTTP/1.1
Host: s4.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Mar 2019 14:28:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5c9a3701-19eb"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfa86a83740e065e1520c64753df3869
3b7ec8fc3eba7173cafaed1b384b8ad2e82889ea
4d461b9ab4a10a5a1ee6e25ddc519c74f069503f37d9adec105fe9fc19e3390d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D461B9AB4A10A5A1EE6E25DDC519C74F069503F37D9ADEC105FE9FC19E3390D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Tue, 29 Nov 2022 23:37:08 GMT
Date: Tue, 29 Nov 2022 22:29:46 GMT
Connection: keep-alive
s4.ucoz.net/adv/dummy/000/img/ucoz-logo.png
193.109.247.239 200 OK 4.6 kB URL HTTP/1.1 s4.ucoz.net/adv/dummy/000/img/ucoz-logo.png
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 14d37a3409afc2c450c62b97bc8019da
43fc12bf16a292d6d10b17ab7d1e37785288858c
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2
GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1
Host: s4.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/png
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:17 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a3701-11e9"
Accept-Ranges: bytes
rot.spotsniper.ru/?src=ujs6
31.172.81.158 200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6 HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
rot.spotsniper.ru/?src=ujs6&s_subid=btn
31.172.81.158 200 OK 1 B URL HTTP/1.1 rot.spotsniper.ru/?src=ujs6&s_subid=btn
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?src=ujs6&s_subid=btn HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 22:29:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
216.58.207.225 200 OK 60 kB URL HTTP/2 themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
IP 216.58.207.225:0
File type Web Open Font Format, TrueType, length 60332, version 1.1\012- data
Hash 0d6d6ae28614efe13ec053eaeef473c1
20cd1c419ba0763bb4bbb1435bc0aed00452af2e
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1
GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tk3.clan.su
Connection: keep-alive
Referer: https://s4.ucoz.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 60332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:13:25 GMT
expires: Wed, 29 Nov 2023 15:13:25 GMT
cache-control: public, max-age=31536000
age: 26181
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s4.ucoz.net/adv/dummy/000/img/bg.gif
193.109.247.239 200 OK 1.3 kB URL HTTP/1.1 s4.ucoz.net/adv/dummy/000/img/bg.gif
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type GIF image data, version 89a, 485 x 3\012- data
Hash b19967d808ed7c42b41316d6c8474f55
18d80748bd4041b13a3373a429281ec65347a0e2
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50
GET /adv/dummy/000/img/bg.gif HTTP/1.1
Host: s4.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s4.ucoz.net/adv/dummy/000/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/gif
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:17 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a3701-4f4"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 22:29:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tk3.clan.su/favicon.ico
193.109.247.239 200 OK 3.3 kB IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type MS Windows icon resource - 1 icon, 32x32, 24 colors, 24 bits/pixel\012- data
Hash 2a6628d3a0f47ecf699cd1f61a103699
892810686f1fe3a4d4d8d8bcbfe2160e095d5e6e
c99515dd7166fac9ec039b84803350534802c97182009b719a8a40b91655ac9c
GET /favicon.ico HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1; ucvid=CQIuP31VXO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/x-icon
Content-Length: 3262
Last-Modified: Mon, 08 Sep 2008 13:20:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c526a9-cbe"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
tk3.clan.su/style/logo-beta.jpg
193.109.247.239 200 OK 185 kB URL HTTP/1.1 tk3.clan.su/style/logo-beta.jpg
IP 193.109.247.239:0
ASN #204343 Compubyte Limited
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2008:09:07 19:01:58], baseline, precision 8, 978x160, components 3\012- data
Size 185 kB (185283 bytes)
Hash 8a7048387238516550b614acb4db10d6
bb000d36172cc888e5886fbd85c9abc04e1cb1b2
3fa06d04fc73924c20016f268f6f52fea4fff17b170831b53842e425f6bb73d5
GET /style/logo-beta.jpg HTTP/1.1
Host: tk3.clan.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/forum/20-137-1
Cookie: 6tk3pushi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:56 GMT
Content-Type: image/jpeg
Content-Length: 185283
Last-Modified: Sun, 07 Sep 2008 16:03:38 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "48c3fb5a-2d3c3"
Expires: Mon, 19 Dec 2022 22:29:56 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
db.cc.b1.a1.top.list.ru/counter?id=1166328;t=55
95.163.52.67 302 Moved Temporarily 0 B URL HTTP/1.1 db.cc.b1.a1.top.list.ru/counter?id=1166328;t=55
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?id=1166328;t=55 HTTP/1.1
Host: db.cc.b1.a1.top.list.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://top-fwz1.mail.ru/counter?id=1166328;t=55;ver=30
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: private, no-cache, no-store, max-age=0
Pragma: no-cache
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Accept-CH-Lifetime: 86400
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js
142.250.74.35 200 OK 167 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (1329)
Size 167 kB (167119 bytes)
Hash e269c265007dcb5ecc3f2aa6155bc52a
cb8eed3b2684c2767bf45d652f6d630740051d04
85d7f1b40b063a3a07449151918eb63b85f2c6ff5d54936618a1a737ab5c7dbf
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tk3.clan.su
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 167119
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 20:27:34 GMT
expires: Tue, 28 Nov 2023 20:27:34 GMT
cache-control: public, max-age=31536000
age: 93732
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 5bf65d887a6fe9aa3ed0c9cc54cd05dd
7de5169e64f5f67299d51cfa1e7409319a346ebb
d78e87f0185c2739f7c9571308507032519e2839f2eb129e04d0e14624455ef6
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 03 Dec 2022 20:01:12 GMT
ETag: "7de5169e64f5f67299d51cfa1e7409319a346ebb"
Last-Modified: Tue, 29 Nov 2022 20:01:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 864
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771ec8b54915b4fa-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 5bf65d887a6fe9aa3ed0c9cc54cd05dd
7de5169e64f5f67299d51cfa1e7409319a346ebb
d78e87f0185c2739f7c9571308507032519e2839f2eb129e04d0e14624455ef6
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 03 Dec 2022 20:01:12 GMT
ETag: "7de5169e64f5f67299d51cfa1e7409319a346ebb"
Last-Modified: Tue, 29 Nov 2022 20:01:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 864
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771ec8b54d06fabc-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 5bf65d887a6fe9aa3ed0c9cc54cd05dd
7de5169e64f5f67299d51cfa1e7409319a346ebb
d78e87f0185c2739f7c9571308507032519e2839f2eb129e04d0e14624455ef6
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 03 Dec 2022 20:01:12 GMT
ETag: "7de5169e64f5f67299d51cfa1e7409319a346ebb"
Last-Modified: Tue, 29 Nov 2022 20:01:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 864
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771ec8b54cecb527-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 5bf65d887a6fe9aa3ed0c9cc54cd05dd
7de5169e64f5f67299d51cfa1e7409319a346ebb
d78e87f0185c2739f7c9571308507032519e2839f2eb129e04d0e14624455ef6
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 03 Dec 2022 20:01:12 GMT
ETag: "7de5169e64f5f67299d51cfa1e7409319a346ebb"
Last-Modified: Tue, 29 Nov 2022 20:01:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 864
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771ec8b54b7bb500-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 22:29:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
counter.yadro.ru/hit?t21.6;r;%20s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;%200.169986172757695
88.212.201.204 200 OK 1.5 kB URL HTTP/1.1 counter.yadro.ru/hit?t21.6;r;%20s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;%200.169986172757695
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash 892ba757cd979ee54976e54934831910
44ba497f1ca98b7956e1a39cf76b5d24927af606
8ebba806bbb5182e3bb41964821fcbaa27c5e337c694e79dac2d11eb961bf7ae
GET /hit?t21.6;r;%20s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;%200.169986172757695 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: image/gif
Content-Length: 1544
Connection: keep-alive
Expires: Mon, 29 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760984769
88.212.201.204 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760984769
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoznet?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760984769 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 29 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760984769
88.212.201.204 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760984769
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoz_desktop_ad?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760984769 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 29 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760985056
88.212.201.204 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760985056
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;clickgate08?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760985056 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 29 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//tk3.clan.su/forum/20-137-1;s1280*1024*24;uhttps%3A//tk3.clan.su/%3FJnPWa6BgRUMwITg%253Bvb%255EpigTLdvV%253B2mbgeYm0l9eDXFa%2521xvJdMmW98pBMvBN4tpnvhl00%255EYsUdtwhYIiO;1669760985302
88.212.201.204 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//tk3.clan.su/forum/20-137-1;s1280*1024*24;uhttps%3A//tk3.clan.su/%3FJnPWa6BgRUMwITg%253Bvb%255EpigTLdvV%253B2mbgeYm0l9eDXFa%2521xvJdMmW98pBMvBN4tpnvhl00%255EYsUdtwhYIiO;1669760985302
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;ucoz_topline_worldwide?rhttps%3A//tk3.clan.su/forum/20-137-1;s1280*1024*24;uhttps%3A//tk3.clan.su/%3FJnPWa6BgRUMwITg%253Bvb%255EpigTLdvV%253B2mbgeYm0l9eDXFa%2521xvJdMmW98pBMvBN4tpnvhl00%255EYsUdtwhYIiO;1669760985302 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 29 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash d91c77c54e9e64a798a1cd8c78561c4d
358dc4a35cf0efe435c4cc05312ced15d80eb185
d842e6ae8a605cc6e5c3de4c91a761de5023c8c92cae540d9f839e99f5be3e87
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 22:29:46 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Sat, 03 Dec 2022 21:40:31 GMT
ETag: "358dc4a35cf0efe435c4cc05312ced15d80eb185"
Last-Modified: Tue, 29 Nov 2022 21:40:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 865
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771ec8b5f950b4f4-OSL
top-fwz1.mail.ru/counter?id=1166328;t=55;ver=30
95.163.52.67 302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?id=1166328;t=55;ver=30
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?id=1166328;t=55;ver=30 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 29 Nov 2022 22:29:46 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?id=1166328;t=55;ver=30
set-cookie: FTID=1RMYgQ0tkIIE:1669760986:1166328:::; path=/; expires=Thu, 30-Nov-23 22:29:46 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Tue, 29 Nov 2022 23:38:12 GMT
Date: Tue, 29 Nov 2022 22:29:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 2699
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 1307
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 536cd283dee06cf1ceb9e15e4850db92
47aafca572d34f9726a0174ac902178556e581d8
63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:09 GMT
age: 2017
etag: "47aafca572d34f9726a0174ac902178556e581d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f3c7e8351884491aeab9323c004bc3f3
127ac68bac21c88ffc6e09cc6666e93de4746a1f
e6fa04c502105c43c85c00d39481d2598c6d8fd56540e10107b6668c51597ae4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8498
x-amzn-requestid: f6b92060-88d4-49bd-b60e-94d99feca4e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYiBaGPOIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867d3c-331dacfb087d23881924eef9;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:44:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Zv5zu1q8h4GFU6agEcDzSVFYuvF74qu7UBnovs3vH5jpu17cmyxjQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:50 GMT
age: 2696
etag: "127ac68bac21c88ffc6e09cc6666e93de4746a1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 1094
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 8825a2c5c0d98323f489e0b816b7f1d8
05f46985ea4ace57460120876da8e19db08857b3
1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d64lSE184IwrwZKVC8KOUINEBclth9b7xRGV9T1uNfAptgXz0bxKhw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:14:25 GMT
age: 921
etag: "05f46985ea4ace57460120876da8e19db08857b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?id=1166328;t=55;ver=30
95.163.52.67 200 OK 541 B URL HTTP/2 top-fwz1.mail.ru/counter2?id=1166328;t=55;ver=30
IP 95.163.52.67:0
File type GIF image data, version 87a, 88 x 31; data
Hash 07a0a87554d71e91721777bd8c45006e
46d7b909b8598dfa525f5559ae6be8aaf9290662
be900f975dfabf5fc230b1fe8961ca7749b700d9c97126c29f8c465e5c05b112
GET /counter2?id=1166328;t=55;ver=30 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 22:29:46 GMT
content-type: image/gif
content-length: 541
set-cookie: FTID=1RMYgQ0tkIIE:1669760986:1166328:::; path=/; expires=Thu, 30-Nov-23 22:29:46 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e41e7da79a6237da44383f0c2529ff18
7f94c442850b0d219ef1329714ab9b9fa2711fe9
d9504479473135036fb167c38a3e1fbc01d6805fafa6c08987b9a947a209527e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9504479473135036FB167C38A3E1FBC01D6805FAFA6C08987B9A947A209527E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12394
Expires: Wed, 30 Nov 2022 01:56:22 GMT
Date: Tue, 29 Nov 2022 22:29:48 GMT
Connection: keep-alive
counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760987773
88.212.201.204 200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760987773
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1; data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;desktop_click_load?r;s1280*1024*24;uhttps%3A//tk3.clan.su/forum/20-137-1;1669760987773 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 29 Nov 2022 22:29:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 29 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
absoluteroute.com/bens/vinos.js?23433&u=null&a=0.23886628971075774
193.200.64.20 200 OK 140 kB URL HTTP/1.1 absoluteroute.com/bens/vinos.js?23433&u=null&a=0.23886628971075774
IP 193.200.64.20:0
ASN #6681 Rozetka Sp. z o.o.
File type ASCII text, with very long lines (727)
Size 140 kB (140149 bytes)
Hash 531950d9ee7f9aa5ce5764665595f3c1
0e1ea4917753a1fbf6157bb2a92fbe804142bc30
98ec6a251f8dc1695e1645aa589bccaa5b568e5e05451707ad9aae3322b0630a
GET /bens/vinos.js?23433&u=null&a=0.23886628971075774 HTTP/1.1
Host: absoluteroute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tk3.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 22:29:48 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=16697605821532635802; expires=Thu, 28-Nov-2024 22:29:48 GMT; Max-Age=63072000; path=/; samesite=None; domain=.absoluteroute.com; secure