r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10274
Expires: Mon, 14 Nov 2022 12:34:07 GMT
Date: Mon, 14 Nov 2022 09:42:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b1e969be0f3201087da138cbc8b89f10
d0a27f525f2b242b5dafa157f126c2ba880c8809
f7e5f39372b5adcc30c27e727eee1b19e6d13ed1b54fa1ad67235dc8ee08ac51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3149
Cache-Control: max-age=92457
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 09:42:53 GMT
Etag: "6370c779-1d7"
Expires: Tue, 15 Nov 2022 11:23:50 GMT
Last-Modified: Sun, 13 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17717
Expires: Mon, 14 Nov 2022 14:38:10 GMT
Date: Mon, 14 Nov 2022 09:42:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 08:44:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3521
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jrnfBbkM0aDP94d+Us+uDZzsskCgogK/Ei6UbwXShB34ZRvxTk9V2zHFsaxjyhKPRAo1GZhICDQ=
x-amz-request-id: GF7APJB9DHJXXP7B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 09:13:48 GMT
age: 1745
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 09:42:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 08:44:48 GMT
cache-control: public,max-age=3600
age: 3485
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
kingchigwie.tk/ru/gazprom-bonuses/
104.21.69.102 200 OK 3.7 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/
IP 104.21.69.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (313)
Hash 16b875d0a61e33a415816b258e23300f
525c69566271ed9722a26ed658fe192443e011cb
7b1e59e36aaf667464b6aedb8e5544dca9cebde1f45a99af4af94a15a58283bb
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/ HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onLeNKBk5fS9oNLGpNHgaJq4VNUOWZSWqpCNL3rjggzfJjCrJMlQNuZfD8BjonsCkPri6bvRUWlc5dNTJC6NKFfhcHEzfPjJq4r%2F57zJQ4Zz5Ny8AOyOw7SuEyxjG4%2FxDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 769eccb78feb1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0a9a357f652868f9317812b8103ba15d
95a90c7a07b591dce7f39c6f9ab27974d1a1ed2a
16fd52c7ee6806455e724f30af8d58630a141a8a3823c48c20b5da3a71f066da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5956
Cache-Control: max-age=90194
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 09:42:54 GMT
Etag: "6370b3ac-1d7"
Expires: Tue, 15 Nov 2022 10:46:08 GMT
Last-Modified: Sun, 13 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.70.239.215 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vOfoWjCvP3t4kklZZxKp2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pJKCaWxqaIIXVU2h4UqANCgFq1w=
kingchigwie.tk/ru/gazprom-bonuses/static/js/main.js
104.21.69.102 200 OK 3.2 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/js/main.js
IP 104.21.69.102:0
File type Unicode text, UTF-8 text, with very long lines (310)
Hash 297a11413edd7589e7f01a50c4786a97
5e0c9269d3725552a2b0dd6338f65090cd0dc039
9f72a692694e49fe9c4896292ff2e76508c3ae92e22c9e696d686110678c0097
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/js/main.js HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:02 GMT
ETag: W/"5ee2445e-2aa1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0z5T26vwxgBEl7mn3yIP9BLMc4PRuEN9c7AuDjZANT68VExN6phQwVxGGyxUn6DmZ%2BcB%2FvpJowVZ%2BM%2BOSWg9%2B3rUq%2FR61luNWAgFg3%2Bq9osOq2cbzACs4JeeD6nXJPUoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccbc7ce91c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/js/jquery.mask.min.js
104.21.69.102 200 OK 3.1 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/js/jquery.mask.min.js
IP 104.21.69.102:0
File type ASCII text, with very long lines (986)
Hash b2f3afc4f78c6a8513759b3082d16cde
7234fade8ce6c38c6c63dc9ba7e263f79055586c
72f76b760386a1ee96a9bee7436e6a87750b66aff00cd4fb0d835019f7f94385
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/js/jquery.mask.min.js HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:03 GMT
ETag: W/"5ee2445f-1cce"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxfMqsDwevJhvoSoQUpOS%2FO28OcG30R9WidzjLlRcNdWNkaWik08R%2F627OxdXJDUTcmcdBtjXGIGXWDjmLKZz4bL9dhl9G%2BF33fo6ihDi9SwndsmDdEgAOha2d4dXoI8tw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccbc7ddeb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/css/main.css
104.21.69.102 200 OK 5.1 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/css/main.css
IP 104.21.69.102:0
Hash 1fc232b3fab7f4d20aa0b8813e47bb1b
5e5f6b1f039dbdfe5f3dcafaadf858225c266b59
6bdf2d0f31bccfec6ef484ec444249a41dc1cd23f65285cc8c720d9035551ac7
GET /ru/gazprom-bonuses/static/css/main.css HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:01 GMT
ETag: W/"5ee2445d-74f1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnkJS8hs50pTlQVLAl8vsTeYWa5MmifS6P5f2cBh16SEnLWz4m7yaZlKHtBElqt9GNmGfOicEVxVlKn42GnwqXG6ybD%2BHpl%2Bci2VzLOG33LelttUXIFD%2FxaOuTmoWlUMhw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccbc2d60b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/js/comments.js
104.21.69.102 200 OK 5.1 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/js/comments.js
IP 104.21.69.102:0
Hash c5dce89021fb61fd1d4d74db890fc4d7
565bcfbe20dd8daf9f020502a8a0ae66f3a5f8c1
298825593ff9000213f96f2ec14383c0c4b882f6b2e1bbd3b5f1468b093d20f3
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/js/comments.js HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:01 GMT
ETag: W/"5ee2445d-4ad4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1ATvvcwo4q%2BcDVjMjjDu%2BP3Nlax3Jj3VEfgvn0YO5BdiXjGT3zi3di8lPc%2F6Z7QpRNfucWUqF04oFGpJe9siu75qRjPZNpszRfI39I7fqriZNBMLPgObFk5BKiq%2FGfA%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccbc7839b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/js/jquery.js
104.21.69.102 200 OK 31 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/js/jquery.js
IP 104.21.69.102:0
File type ASCII text, with very long lines (65451)
Hash 176e4a2e6e7128bda339fb357f1ff5a9
bfccc14b2f09fd6e743ad7342f075969d284d665
ff9ca68f99f59799e93c455b61602f7e977f260dca389bc1c9b03740872504b2
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/js/jquery.js HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:01 GMT
ETag: W/"5ee2445d-15d83"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaIzDPNhC2Oj%2FoXHMoSCop%2Fll6U1VYic2%2FweciDUls5tuisrA1%2FvkuPbxQzClsN0zDhwVZkHobgSsWm2uw8%2BoZBPePjmTHJAIz1qW9XnOp6Crm3vI%2F17PjkVg%2Fb1gFnzgg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccbc7a320b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/css/vkcomments.css
104.21.69.102 200 OK 134 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/css/vkcomments.css
IP 104.21.69.102:0
File type ASCII text, with very long lines (713)
Size 134 kB (134424 bytes)
Hash 9674159a2e120297f02f5be9d454c5e1
65a6d0adb230d8b83e5b6a83932ff6b17045718f
44a7d67d627fe839bdf91d829f2ac7ce30c4ab3910c638372b15d7c6df5fd726
GET /ru/gazprom-bonuses/static/css/vkcomments.css HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:01 GMT
ETag: W/"5ee2445d-b819f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xr%2Bv%2F7muYiCZDODC44yVHLzfKM7%2FmUURu533HgcSBYr1RHU48Axc85s%2FTKsobrEJ8IkgOQLDB9oos9je0Na5MOwD0BudWIZF8t7wclwUBQ0sESudAQLTppj0xwJC6v9kjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccbc29b70afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15814
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 09:42:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c599387-a493-4fa1-8597-1dfa05785e08.webp
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c599387-a493-4fa1-8597-1dfa05785e08.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac5d1b1c5472d6083f42aa57dca4b76b
20265497926ce977139af012c3677d602f5aa72f
da8af50a64a8a18cd22faab0db15333eda4a75204fc5359f307bbc5df04c1a7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c599387-a493-4fa1-8597-1dfa05785e08.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7052
x-amzn-requestid: dd0441aa-ca29-415d-b5b2-04f91238e02a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDwHrHoAMF_ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-119c3df5252db7f401180a13;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6_8aRR4yGijFConA6hFZ7rPC-Y4ucR2WkHsKEugfhlDP49cCTvpUUg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:04:26 GMT
age: 41909
etag: "20265497926ce977139af012c3677d602f5aa72f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15814
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 09:42:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfc7286992b2cebdf1ebb58f85576e61
a49a1bf9716e32979810931d04d1f84216d096c1
7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7494
x-amzn-requestid: b07e424a-c11e-442f-8636-e0670cb6f864
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8heGBtoAMFYQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-7dcda14e5077563d726752ae;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VXu3wEUmBJjK6YiXRFYVAuZ3h-ApKkvK1miRBXpo6faKsx8OOXu0JQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 03:14:47 GMT
age: 23288
etag: "a49a1bf9716e32979810931d04d1f84216d096c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15814
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 09:42:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zAh7IawFpIJIJCMTeWKn99lx_R-88IOn5u8zRTMtzlDYEEqXSOyhGg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:57:55 GMT
age: 42300
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15814
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 09:42:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c41c5f7-45fd-4952-b779-caaaef2b43ff.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c41c5f7-45fd-4952-b779-caaaef2b43ff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 179204c4982b4bf381897d3c2c3dea1c
776b482a3c0c61950ffe838decfb1384225f514a
5e66f04013c2a7e2cef32a50c0d409dc2911b31a412aa81346b7d65e16f4a6f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c41c5f7-45fd-4952-b779-caaaef2b43ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 4191c827-2bbf-4e08-b16a-aa7bd5616ecb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjydBHMwIAMF63A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63716453-169dcbf913baf8c67bd9f3d5;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 40ZsYE0GZNGo7Xf6eXk7OFwqq6UpZT3csZPtNGmHpfZrso9fMXTvRQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 42101
etag: "776b482a3c0c61950ffe838decfb1384225f514a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15814
Expires: Mon, 14 Nov 2022 14:06:29 GMT
Date: Mon, 14 Nov 2022 09:42:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0db3498954921b58948ad8a4e7fd49f
6b618c3ff6e589f9e01650bd0a619acb70d8004e
fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6535
x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDtHbhoAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 42101
etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa09e64-5032-43a4-b8f1-ac7a4c391ce2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa09e64-5032-43a4-b8f1-ac7a4c391ce2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f7c39108d3a61b6eaa3c7d8529f0ea0
a7a24b45563599abd1badffeffb965e6a9586f07
0dc12de0ae756b662448214eaa933aef9366404659585692730fa952b63e610f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa09e64-5032-43a4-b8f1-ac7a4c391ce2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10876
x-amzn-requestid: 916d129e-b6ca-4e4d-9818-67591d11c76c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjybzGdDIAMF4Cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644b-2f59bbb45dad57bc70c780b4;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:27 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yhREIc3lmibj7EIUHeUhT-665yL20HkK5wPTfdLcIgaDq8_DjwwSEw==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:20:06 GMT
age: 40969
etag: "a7a24b45563599abd1badffeffb965e6a9586f07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/logo.svg
104.21.69.102 200 OK 1.4 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/logo.svg
IP 104.21.69.102:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 0b46ec4922848952b3c314b5dda5adf7
eaf51bd8bf815fc6751bb72ae9664945d12eb1a2
e86e7fc6a4ed76b69724788b47a8c9be55a70f97fbd35e2ce8a06b5051def05a
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/img/general/logo.svg HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:56 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:10 GMT
ETag: W/"5ee24466-b8a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UTaUzhL3l3N7rdVSn3qqfHJouJBnsKKXM6MGEshhvfjsg87Bb8wnZT9y9fCuZc9rSaq1xtCSUIJcmrW9GDW3mB7cqL2kj2ekgkS%2Bicnaax3V7l3%2FdQNy4RaQQHC6plWbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccc4f842b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/painting.png
104.21.69.102 200 OK 15 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/painting.png
IP 104.21.69.102:0
File type PNG image data, 415 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 503f78b31d31d8793d2382836be6fde8
2c3823bc025405d27902d3366d15a8716e95d48d
7dc426632da6b67c5147e2091130d9e03a28948cb9241b2047f4f33d822296a0
GET /ru/gazprom-bonuses/static/img/general/painting.png HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:56 GMT
Content-Type: image/png
Content-Length: 14851
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:11 GMT
ETag: "5ee24467-3a03"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCmdvWSZX4DsV4r%2BneN0vsGJT8PCN%2BgYzaG21vKlk4tY7D2SFpk2l4iquUcPJRH%2B6B9AwIGdu8qmm%2BWd4xvRFOACjBT9pvphhxRpU6oXp8s3bDDzHSbEFc6nOP3oxfOhrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccc50a2f0afe-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/15k.png
104.21.69.102 200 OK 406 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/15k.png
IP 104.21.69.102:0
File type PNG image data, 1834 x 1376, 8-bit/color RGBA, non-interlaced\012- data
Size 406 kB (406467 bytes)
Hash cec4919be1330fe80ad8f6100357d082
cadb8a8ac5a11e4b91b92492f735506280e67769
f4aa099e34bd36695f31b8fdc51711997215075317a676f2e672f6897b6e34c2
GET /ru/gazprom-bonuses/static/img/general/15k.png HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:56 GMT
Content-Type: image/png
Content-Length: 406467
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:08 GMT
ETag: "5ee24464-633c3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaL65LcadVWBBqnqKZE14eJy1fFUr5WT3VzRRvEg%2Bf40L7hkksLuwEqgI2F8ddnRVZbrTd39iGBEOeBC86bECm%2BPaVE2X8vYwV9%2BJ429JF%2B6Opj%2BPv8KdlKEBtYLxGGSKg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccc4f935b4ee-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/100k.png
104.21.69.102 200 OK 412 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/100k.png
IP 104.21.69.102:0
File type PNG image data, 1834 x 1376, 8-bit/color RGBA, non-interlaced\012- data
Size 412 kB (412201 bytes)
Hash fe3b75c4ce19981faff345f66b857270
77c84dfef60baaaa131f60ab6de5682897569f95
2456481c2109915e06fd4b4bced4b182ad45ae067fd0b44f1c3c12ef0710e0db
GET /ru/gazprom-bonuses/static/img/general/100k.png HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:56 GMT
Content-Type: image/png
Content-Length: 412201
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2022 14:34:26 GMT
ETag: "61e57e72-64a29"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jVcDU8g1bvdpX96Zckf7Q%2B%2F4t7BaKOBBp%2BOTSjeE3cov8konviEoWtB1vDAVgS4acxBZoXxUKNd38zg9Ht0QH4Se2mLMo%2FP89pL9pExLuChLOCOC%2FlMWX4gbGX4y0FgYA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccc4fd0b1c06-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/20k.png
104.21.69.102 200 OK 408 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/20k.png
IP 104.21.69.102:0
File type PNG image data, 1834 x 1376, 8-bit/color RGBA, non-interlaced\012- data
Size 408 kB (408148 bytes)
Hash f9a1aec6aded791dbbaa55fd31861148
a6884f2411170fc9b67363f1c6a107cba220252d
a30f5429c9b318c644dc16ab125fdcfa30a41803c902be1c00a34c882ea22a30
GET /ru/gazprom-bonuses/static/img/general/20k.png HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:56 GMT
Content-Type: image/png
Content-Length: 408148
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:08 GMT
ETag: "5ee24464-63a54"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqjUKJHTzV9xDrPG4ya1CwLhfizpgLFoE4fxGWVco1g01bI6DTErG5fq2rQKTIQetBjlCABfV6kbLUeL1KK7vzyiLF9qul40NJIbJhJbnbq%2FbUqlB62nz%2BenO4%2FeS2oKbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccc4fb420b31-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/fonts/Geometria.woff
104.21.69.102 200 OK 47 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/fonts/Geometria.woff
IP 104.21.69.102:0
File type Web Open Font Format, TrueType, length 46804, version 0.0\012- data
Hash 5b3095d4d47c44c339c00087e66242d8
4ca09b9930baa2c347992995887d06fe2971efa0
c7714c82617471d1fd838299c9a428b77a1be6189dea1d0fcd5e9c09e4989e05
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/fonts/Geometria.woff HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/static/css/main.css
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:56 GMT
Content-Type: application/font-woff
Content-Length: 46804
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 17:34:56 GMT
ETag: "5ee26b40-b6d4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ga2PQTgpLQPOd1rHhW2vShW6oXpKK1vqHNnothJr0J0SrybCmvIIcQYF84PB5bvFyzyIdUPn0gjt30XDX1CQ2qRq6ORmLqGw3uj0i26RlUHLDlOC17Kvw4BraVbr7jHy9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccc82ce2b505-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/10k.png
104.21.69.102 200 OK 408 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/10k.png
IP 104.21.69.102:0
File type PNG image data, 1834 x 1376, 8-bit/color RGBA, non-interlaced\012- data
Size 408 kB (407593 bytes)
Hash 85b9a2a0a5c44d20a7c801dd2329c3cf
8629a99fcde7c4554fc2b40a6ff2199d39bd78bf
0e8b1939358a6f7f565607570ca04a7f63edb981471954e3307d2acd9156e104
GET /ru/gazprom-bonuses/static/img/general/10k.png HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:56 GMT
Content-Type: image/png
Content-Length: 407593
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:08 GMT
ETag: "5ee24464-63829"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDvVSHldZ%2BM1eX2g4Rnv54PX15FAIiaru634ge1TB0kYkfhnu022nIDe8ZfEYeZ8IKjUIrmuo8moFUnboji9NQmYDYIDOdZRg8IZQN0McC3odB%2Fh0T%2F%2F0ZpXvXAtHFXmOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccc4fc4eb518-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/fonts/Geometria-Medium.woff
104.21.69.102 200 OK 47 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/fonts/Geometria-Medium.woff
IP 104.21.69.102:0
File type Web Open Font Format, TrueType, length 46808, version 0.0\012- data
Hash 31d95d36b9e3eb840c57f2f6caf058e6
a4555b76265cbbeb508aa6077279ad9b8b1d52c5
10a12049c7884bc104e4897672142d76d49a77ab7dc753ede70a4a013caf06ce
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/fonts/Geometria-Medium.woff HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/static/css/main.css
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:56 GMT
Content-Type: application/font-woff
Content-Length: 46808
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 17:34:55 GMT
ETag: "5ee26b3f-b6d8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBwMMMZUS8uCSHAICnogrmYW2hx%2BtOyzrCz06HH4dg0t2HhpYMa%2BHXzJYyVaxZhURWxLEJ5qJrlc3lvhZo0rotEJzLI9wrdkxWqT6Cc8VCitd4ofM86T9og8nUA1wwq0Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccc88e900afe-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/img/icons/comments_widget.png
104.21.69.102 404 Not Found 116 B URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/icons/comments_widget.png
IP 104.21.69.102:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
GET /ru/gazprom-bonuses/static/img/icons/comments_widget.png HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/static/css/vkcomments.css
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 09:42:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvqJlreGy9WsJnUbRfg%2FS2diox%2FtNf%2FGl8WYGBL4lyCo7ULagSDUaC8PYZJXjR57PBGGNkattuVNJuNVX7PwIWUMQ4PAk7qpZ0gMF2XBnHtSw8l35e%2F4dHYUl7OtN3XkEg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769ecccd9fe2b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/director.jpeg
104.21.69.102 200 OK 35 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/director.jpeg
IP 104.21.69.102:0
File type JPEG image data, baseline, precision 8, 290x419, components 3\012- data
Hash 325700b94f9fdf671a0060e66152bafa
776b4870ddae61787f410e7decd14d3c21b55b68
2115af1ff3fca83eae2a1a9f908982d45f01e7b31fede74b7df0e07017540d38
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/img/general/director.jpeg HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:57 GMT
Content-Type: image/jpeg
Content-Length: 34857
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:10 GMT
ETag: "5ee24466-8829"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tftbh6U35n470kVqnNsR%2F0mZiy%2B%2FMjsNWSFOrBVzn9DYljpPRcNSBfJDn02%2Fxbtsu3Szq49KH8pQn8nTpiOXGBI7A7w1yc2OGaXGrpDvlqHuL6VB0lXNcy2P5iJmWuyRYg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769ecccd8c41b505-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/fonts/Roboto-Light.woff
104.21.69.102 200 OK 281 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/fonts/Roboto-Light.woff
IP 104.21.69.102:0
File type Web Open Font Format, TrueType, length 280972, version 0.0\012- data
Size 281 kB (280972 bytes)
Hash a79ff836df2a73abf2dacb1f1af2d225
2fa057b66d36d990a9e913af36af44f0f78dec04
527e57c2b8c55a00804198df15551bea4ce6a54773c70ce1071cbfdbbf38ce9c
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/fonts/Roboto-Light.woff HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/static/css/main.css
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:57 GMT
Content-Type: application/font-woff
Content-Length: 280972
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 17:34:55 GMT
ETag: "5ee26b3f-4498c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRY08j5R0HRgpO9wZTPdUu5MZK0LiNPGFg3iRdf2AhFzDiESbOxbbN0dTpNgRiVYgVXZ6nu3fXHmIUxixsrf%2FDGDs%2BUv%2B8KXFACyhNzzR38EktNKQ2ujNPZMAoroup32ow%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccccaa33b4ee-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/fonts/Roboto-Regular.woff
104.21.69.102 200 OK 280 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/fonts/Roboto-Regular.woff
IP 104.21.69.102:0
File type Web Open Font Format, TrueType, length 280060, version 0.0\012- data
Size 280 kB (280060 bytes)
Hash 8c9e2179f46b280d31ee9422ce0e41e2
3a04db5ed2137206c5868cf94ccbe0cba4ae280f
4e88cc5d3ac1f10bfe52ba2325b1c1645e11406e17707931723d3ecdba2770d0
Analyzer Verdict Alert fortinet Phishing
GET /ru/gazprom-bonuses/static/fonts/Roboto-Regular.woff HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/static/css/main.css
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:57 GMT
Content-Type: application/font-woff
Content-Length: 280060
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 17:34:56 GMT
ETag: "5ee26b40-445fc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iyb%2FfA0Kdoi2Kd%2B2%2F9P8A%2FvTTQKcrrEzjxhpE6lIMn%2BTiv3A%2FSmk8CU3%2F4rXWil7QbD0LrAGy%2B0DXFmpc4At9Kz2JyDY33jopxBzgvX%2FMYNaXnTDgDQx%2B5PkuLx5tz14wA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769ecccccbe61c06-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/2k.png
104.21.69.102 200 OK 401 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/2k.png
IP 104.21.69.102:0
File type PNG image data, 1834 x 1376, 8-bit/color RGBA, non-interlaced\012- data
Size 401 kB (400772 bytes)
Hash 365fa7031eec9ada9247a10d19f912ce
d9b9619ca5806b4667f32d344869ae53a5023229
748028bce805254572f0ca1ea2f6ad3c3879a0039f0e649244b4dca0d6b96058
GET /ru/gazprom-bonuses/static/img/general/2k.png HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:57 GMT
Content-Type: image/png
Content-Length: 400772
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:09 GMT
ETag: "5ee24465-61d84"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3YglduDyF%2Br3XdErboM%2FeKruz5rWkurgImawj7vAaXHkR4mPWDcsIBaH9PlC6kffmohHB0P1dz1EWOydRWw%2F627MZzjXrOW27yhqT8iGMqpzhyVN2lrRUUweekMud62aA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769ecccdede70afe-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/photo_2019-07-31_19-27-54.jpg
104.21.69.102 200 OK 476 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/photo_2019-07-31_19-27-54.jpg
IP 104.21.69.102:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1620x1080, components 3\012- data
Size 476 kB (475550 bytes)
Hash 5282da143863742cc1222b72302263fd
b61afc6c5d24be9a74bbdeb44907a7d91e9142f2
9532f6fda7dcdf034ad93792b90393bd0b51af1576bec5bbd7c08e9b39efc940
GET /ru/gazprom-bonuses/static/img/general/photo_2019-07-31_19-27-54.jpg HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:57 GMT
Content-Type: image/jpeg
Content-Length: 475550
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:12 GMT
ETag: "5ee24468-7419e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks72%2F4ssk5qP6slhYF2CHKsUQv2hcjKQgnGVFy39y%2FZjK0%2FC0vQXxf%2F%2F0oZDCV1XsM1U8nCxwsujlO7AwYEemNB333tB71OLnnUbXJp9n2wfKSKmz4oTb4hTf2Yh3xxSPA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccccea9e0b31-OSL
alt-svc: h2=":443"; ma=60
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 16d09e2a9c17a5a2d1eb38a952f2db09
07b7d627ef71652c0f27971a767c48ec83a0b8f4
d1e78e851fae5493b85ef8b3c23171597a6cfc15279efa3ecb1d1fc3978ba2e4
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 18 Nov 2022 07:42:49 GMT
ETag: "07b7d627ef71652c0f27971a767c48ec83a0b8f4"
Last-Modified: Mon, 14 Nov 2022 07:42:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2714
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccd77c80b4ff-OSL
pp.userapi.com/c851328/v851328617/1300a0/-6pcbsCkBV4.jpg?ava=1
87.240.190.77 200 OK 12 kB URL HTTP/2 pp.userapi.com/c851328/v851328617/1300a0/-6pcbsCkBV4.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 113ed1e12d267373bc7165dd43d2874d
7dc6259b31d87844e981a833079107d445b04b4f
4d215980822d00eac540b144287d4963223a2201c46008c66a96e3ab0b44d057
GET /c851328/v851328617/1300a0/-6pcbsCkBV4.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 12349
last-modified: Sat, 01 Jun 2019 19:40:37 GMT
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 16d09e2a9c17a5a2d1eb38a952f2db09
07b7d627ef71652c0f27971a767c48ec83a0b8f4
d1e78e851fae5493b85ef8b3c23171597a6cfc15279efa3ecb1d1fc3978ba2e4
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 18 Nov 2022 07:42:49 GMT
ETag: "07b7d627ef71652c0f27971a767c48ec83a0b8f4"
Last-Modified: Mon, 14 Nov 2022 07:42:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2714
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccd7acdeb4ff-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 16d09e2a9c17a5a2d1eb38a952f2db09
07b7d627ef71652c0f27971a767c48ec83a0b8f4
d1e78e851fae5493b85ef8b3c23171597a6cfc15279efa3ecb1d1fc3978ba2e4
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 18 Nov 2022 07:42:49 GMT
ETag: "07b7d627ef71652c0f27971a767c48ec83a0b8f4"
Last-Modified: Mon, 14 Nov 2022 07:42:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2714
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccd7ccecb4ff-OSL
pp.userapi.com/c836131/v836131893/3dbc/rM31jtMPQeo.jpg?ava=1
87.240.190.77 200 OK 12 kB URL HTTP/2 pp.userapi.com/c836131/v836131893/3dbc/rM31jtMPQeo.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x300, components 3\012- data
Hash 1815c13ed392857117402e56e70f1d97
9d11a2402e7926f56990ea4f6558b9ae1428f340
0a5cb0fad7b61743ef8b711e895200b595cf1b41238496fdf9546353ceef5e9f
GET /c836131/v836131893/3dbc/rM31jtMPQeo.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 11715
last-modified: Sun, 02 Oct 2016 20:26:26 GMT
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 16d09e2a9c17a5a2d1eb38a952f2db09
07b7d627ef71652c0f27971a767c48ec83a0b8f4
d1e78e851fae5493b85ef8b3c23171597a6cfc15279efa3ecb1d1fc3978ba2e4
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 18 Nov 2022 07:42:49 GMT
ETag: "07b7d627ef71652c0f27971a767c48ec83a0b8f4"
Last-Modified: Mon, 14 Nov 2022 07:42:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2714
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccd7dcfeb4ff-OSL
pp.userapi.com/1zXHKoX__oHD0zFaTDVJOAz_J0V12bQ9WsAvDw/TRU-UZILQFA.jpg?ava=1
87.240.190.77 200 OK 34 kB URL HTTP/2 pp.userapi.com/1zXHKoX__oHD0zFaTDVJOAz_J0V12bQ9WsAvDw/TRU-UZILQFA.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x204, components 3\012- data
Hash 7c478721c3954aea3f2e7768e531cdb8
33bf54954988dadefb78dfbc0babcf2cfea5823a
e77075f0caef49dde7dd910e0da41c91ef912c77cd81d320afd65646993a29d2
GET /1zXHKoX__oHD0zFaTDVJOAz_J0V12bQ9WsAvDw/TRU-UZILQFA.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 33498
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
request-id: a7e7f4c6-7d3f-447b-961c-68bcc7f4a29f
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 16d09e2a9c17a5a2d1eb38a952f2db09
07b7d627ef71652c0f27971a767c48ec83a0b8f4
d1e78e851fae5493b85ef8b3c23171597a6cfc15279efa3ecb1d1fc3978ba2e4
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 18 Nov 2022 07:42:49 GMT
ETag: "07b7d627ef71652c0f27971a767c48ec83a0b8f4"
Last-Modified: Mon, 14 Nov 2022 07:42:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2714
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccd7ed0fb4ff-OSL
pp.userapi.com/c841422/v841422872/afa6/7uOV04XAz5A.jpg?ava=1
87.240.190.77 200 OK 14 kB URL HTTP/2 pp.userapi.com/c841422/v841422872/afa6/7uOV04XAz5A.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 1bbad063352babac3c093caef46d0acb
ed979e7de80945168a2d6dee7a5b0a492a072cc3
f1b5015d82543eb44542f5aae5548ae2c7518327a54a512a63c0d59e81795c60
GET /c841422/v841422872/afa6/7uOV04XAz5A.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 13522
last-modified: Thu, 27 Jul 2017 16:47:28 GMT
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c841022/v841022500/554b6/Flh9w9t87mU.jpg?ava=1
87.240.190.77 200 OK 15 kB URL HTTP/2 pp.userapi.com/c841022/v841022500/554b6/Flh9w9t87mU.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 949417782b02a00b5990df62f1c322ac
2c2ac16826ff6d2519c00f6b2920d2e042350b71
417db116bed44730a91bbe80021e53a3401c5cc340747a95a2c86669613e09c1
GET /c841022/v841022500/554b6/Flh9w9t87mU.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 14611
last-modified: Wed, 27 Dec 2017 19:17:47 GMT
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c5120/u98913860/a_3c510fcd.jpg?ava=1
87.240.190.77 200 OK 12 kB URL HTTP/2 pp.userapi.com/c5120/u98913860/a_3c510fcd.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 200x186, components 3\012- data
Hash 5450f9f80f22a7352976aad7c436f583
26660fd9bc123e7e2d3561f3e8d119b18bee2714
280013fdd7d8d8b4a95505d558b625722e40c6fad6558dd2dbd7916bd43637b9
GET /c5120/u98913860/a_3c510fcd.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 11494
last-modified: Thu, 26 May 2011 18:37:59 GMT
etag: "4dde9e07-2ce6"
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
sun9-70.userapi.com/c637221/v637221430/4f4f0/OZoGaLxRiik.jpg?ava=1
87.240.185.169 200 OK 13 kB URL HTTP/2 sun9-70.userapi.com/c637221/v637221430/4f4f0/OZoGaLxRiik.jpg?ava=1
IP 87.240.185.169:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 4d499b7b3f64395ba2ada0318f90fb04
8f278c8c3407df5e59d0e032b006fca9420a48bd
1d766182ccc0f120993f83d3fb39cb923b20a00ac2896d557f9320e29e6ebfa6
GET /c637221/v637221430/4f4f0/OZoGaLxRiik.jpg?ava=1 HTTP/1.1
Host: sun9-70.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 12868
last-modified: Thu, 18 May 2017 08:58:04 GMT
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front220305
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 3d16398532dadef112849ede2c791c42
80179e399f34ca03b15939ca86c663c95a0a85c2
f68b1049020d026b0c360ea72a2d5fa4a9ec9a0929405e14abefe5ea04681c3f
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 18 Nov 2022 06:32:30 GMT
ETag: "80179e399f34ca03b15939ca86c663c95a0a85c2"
Last-Modified: Mon, 14 Nov 2022 06:32:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3274
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccd7e9fa0b61-OSL
pp.userapi.com/c852016/v852016462/12a111/xZHL5x6QPc4.jpg?ava=1
87.240.190.77 200 OK 15 kB URL HTTP/2 pp.userapi.com/c852016/v852016462/12a111/xZHL5x6QPc4.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash a1b59f5e54d60317ea93b3de097f8ce8
33f46ab01057d234394f596c2b4d36ac3a87fff2
3349224fa7553bb09ea418bd74e6b18818745a0368fe8329f8c0f7cff12a546f
GET /c852016/v852016462/12a111/xZHL5x6QPc4.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 14808
last-modified: Wed, 29 May 2019 14:46:14 GMT
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c834303/v834303640/837de/rFa45evhyxY.jpg?ava=1
87.240.190.77 200 OK 12 kB URL HTTP/2 pp.userapi.com/c834303/v834303640/837de/rFa45evhyxY.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 976b15da33325e29e007d9996038da7c
61bce622bcb57879e004de2fa343f7fff845975f
89ec193043e9035a98baeabb6dd61afa33d873de137d21999ac8eee17f1c70a3
GET /c834303/v834303640/837de/rFa45evhyxY.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 11743
last-modified: Fri, 12 Jan 2018 22:35:08 GMT
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c636017/v636017094/2053f/y4dJiZWD188.jpg?ava=1
87.240.190.77 200 OK 8.5 kB URL HTTP/2 pp.userapi.com/c636017/v636017094/2053f/y4dJiZWD188.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 1217e77273c853b49988d5364b8a7a84
5ddc05ded07117b9d909d97880fdeecf9cdbd9f2
767da781fe013e58e40389c1e0c9f970af5c672fb545a82d77d0c2683a551032
GET /c636017/v636017094/2053f/y4dJiZWD188.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 8490
last-modified: Thu, 18 Aug 2016 08:08:53 GMT
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/c10506/u144023376/a_2502ec1c.jpg?ava=1
87.240.190.77 200 OK 18 kB URL HTTP/2 pp.userapi.com/c10506/u144023376/a_2502ec1c.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 200x219, components 3\012- data
Hash a063df385c6d1177dab1657d104f2411
0b8222b5f44e8c3c253b801b55b180f74267e941
2145ae275b07f71a0b53223d057a11d136ca6eab0b96183060f1e95b559791a6
GET /c10506/u144023376/a_2502ec1c.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 17760
last-modified: Wed, 17 Aug 2011 04:15:08 GMT
etag: "4e4b404c-4560"
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
sun9-6.userapi.com/c850128/v850128085/136aef/GXMVwqqYtgA.jpg?ava=1
87.240.185.133 200 OK 14 kB URL HTTP/2 sun9-6.userapi.com/c850128/v850128085/136aef/GXMVwqqYtgA.jpg?ava=1
IP 87.240.185.133:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 3b7fa24f279e0a47c943a7aca5c41cc4
0e6f4707aba4ba42fd8a68f149c0441f27b3bfaa
72bfc9e56b1e290b558f541396eeda03815631f82253f90f383e5a7236934354
GET /c850128/v850128085/136aef/GXMVwqqYtgA.jpg?ava=1 HTTP/1.1
Host: sun9-6.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 14329
last-modified: Sat, 11 May 2019 06:25:15 GMT
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front221105
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/0tomcCqsmnvIoWXtqQ0oh0RsI7_ufIPalY1dhA/XSHq7x-LCyI.jpg
87.240.190.77 200 OK 1.9 kB URL HTTP/2 pp.userapi.com/0tomcCqsmnvIoWXtqQ0oh0RsI7_ufIPalY1dhA/XSHq7x-LCyI.jpg
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 862fc22714936eb5dea3faa36eaa9d88
c413a006ea2e569b2d4b1a05c7d00ff2b5083697
43943e557e935a8f6dfa1cb1c9f4607e49311f0a024846eefa8864269e58d38c
GET /0tomcCqsmnvIoWXtqQ0oh0RsI7_ufIPalY1dhA/XSHq7x-LCyI.jpg HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kingchigwie.tk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 1914
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
request-id: 18891807-f6af-4bf0-be89-e538a0d81031
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/qEqOBCztirt728uF6zkJ1jk4ZpPYZkE2A11bKw/OtCJDwqvEgc.jpg
87.240.190.77 200 OK 16 kB URL HTTP/2 pp.userapi.com/qEqOBCztirt728uF6zkJ1jk4ZpPYZkE2A11bKw/OtCJDwqvEgc.jpg
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 4915x4915, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 55727fdc3464d4b2d6affa98f542aaae
d5ff2a848113ebd076545c277f66bea3b074ba9b
70a04afd372efe1e12a90b48befa2d7dacca831ae49d6f9f10c33e05a38a4f0b
GET /qEqOBCztirt728uF6zkJ1jk4ZpPYZkE2A11bKw/OtCJDwqvEgc.jpg HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kingchigwie.tk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 16149
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
request-id: 22c32bc3-675b-4153-98cb-0f9aae404e23
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
pp.userapi.com/VWfqGdHQX0yjMwh58jpDpW5FM4x1O-uOs_W68A/bMipBTWZ_sU.jpg
87.240.190.77 200 OK 22 kB URL HTTP/2 pp.userapi.com/VWfqGdHQX0yjMwh58jpDpW5FM4x1O-uOs_W68A/bMipBTWZ_sU.jpg
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 4e46f637447bd6219dc602f1db24255a
b194602511439b2facc826f29971d2e42d5bcf4f
928f88a8a11b1fec7b2dd29727263e8ca4ac00b5bb0ccf5fe6b2d3be881caab9
GET /VWfqGdHQX0yjMwh58jpDpW5FM4x1O-uOs_W68A/bMipBTWZ_sU.jpg HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kingchigwie.tk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
content-length: 21798
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
request-id: 6691a204-7cbf-466b-b00e-fcb19319b314
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/5k.png
104.21.69.102 200 OK 400 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/5k.png
IP 104.21.69.102:0
File type PNG image data, 1834 x 1376, 8-bit/color RGBA, non-interlaced\012- data
Size 400 kB (400468 bytes)
Hash 14bac6145e35693ceca52e0131e3d711
4154cfc42b3a428079d2639cb784a12aa9b39384
e55aae1e295fc3b9f0d803cdc18c50cf4b7a22addde964ff39b951833c3c0550
GET /ru/gazprom-bonuses/static/img/general/5k.png HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:58 GMT
Content-Type: image/png
Content-Length: 400468
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:49:09 GMT
ETag: "5ee24465-61c54"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFJIycJoht3zbm59Di%2Bw7%2F7CUDxJtl5AYZ4Vxz0OgiVLhXyWFmHPT8eRBSDbS9XlyBnvJ7dfDjImSbzF1gtHWuOzVyWJEdaiqtEFp132U3aP96DZouA75IErQUUdngWVYw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccd0acacb518-OSL
alt-svc: h2=":443"; ma=60
vk.com/images/camera_200.png?ava=1
87.240.129.133 200 OK 23 kB URL HTTP/2 vk.com/images/camera_200.png?ava=1
IP 87.240.129.133:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 668f92e936e6c426400802fee4c711b9
83633a67b6758108d80a6f5ba67e49f8b12612bc
8efa03b9ff85c5e4e945f9bb66a8e576e9f57c66c5b404db35faab279a831d3b
GET /images/camera_200.png?ava=1 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/png
content-length: 22867
last-modified: Tue, 22 Sep 2020 20:29:55 GMT
etag: "5f6a5ec3-5953"
expires: Mon, 21 Nov 2022 09:42:58 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
kingchigwie.tk/ru/gazprom-bonuses/static/img/general/50k.png
104.21.69.102 200 OK 410 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/static/img/general/50k.png
IP 104.21.69.102:0
File type PNG image data, 1834 x 1376, 8-bit/color RGBA, non-interlaced\012- data
Size 410 kB (409661 bytes)
Hash 1db8d78a20183f8e0340b9f767115430
33a14c85251fad800777d2a336d98e64a241fd82
81ecd6a8325ad17751c81ede6532cf5108236aa41e7422301e5e342a4d6d46f5
GET /ru/gazprom-bonuses/static/img/general/50k.png HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:58 GMT
Content-Type: image/png
Content-Length: 409661
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2022 14:33:23 GMT
ETag: "61e57e33-6403d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BXBnFjKmB%2BHxqfrKuA%2F%2B9tMQiEamhebiXw%2F2lozV3SJOLbic7okJ2HrpBK6B8ixfDXpiL7vCIS9SPciiPM%2BJ8LGLkftdJtheEwPhqlHr5PO8gupLeNBa7bAv1Sn%2BL8nDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccd15a4db505-OSL
alt-svc: h2=":443"; ma=60
kingchigwie.tk/ru/gazprom-bonuses/favicon.ico
104.21.69.102 200 OK 29 kB URL HTTP/1.1 kingchigwie.tk/ru/gazprom-bonuses/favicon.ico
IP 104.21.69.102:0
File type MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 8b38834a18b7909179f07c72ad124940
e96193a1f16e638f249f864bc467302d1a325bfe
02c939860b26af1ce443d09a871ad73a92d69d97b13c3c90e2d0621f173a4f3f
GET /ru/gazprom-bonuses/favicon.ico HTTP/1.1
Host: kingchigwie.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kingchigwie.tk/ru/gazprom-bonuses/
Cookie: timer=161339; PHPSESSID=261p32jkapt6aqacu64rta5l7l
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 09:42:59 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2020 14:48:55 GMT
ETag: W/"5ee24457-1cd6a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Fx7ngnykplbQC3usZZTmJ4VLx8FI5BebtUl9GZgIkN89%2F5FDAa43x%2BJ4SENTHhnFBAYi%2BIwAHioq83jGugu%2BvpdylYsoORhtpiwEIWaFBB95Tw5GN88myBAiQqDBxn0DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769eccd79c710b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
pp.userapi.com/c848732/v848732920/18919d/YSNIWV6uDfo.jpg?ava=1
87.240.190.77 301 Moved Permanently 20 kB URL HTTP/2 pp.userapi.com/c848732/v848732920/18919d/YSNIWV6uDfo.jpg?ava=1
IP 87.240.190.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x300, components 3\012- data
Hash 90618bc3c059d98bf468367dd5548878
9ada5e3becdcd7d50bbf91fea7c9995b4397b342
a811c857bd6932762e2d7c4c1dabb148aced0eea9887769b0c31ef648535210d
GET /c848732/v848732920/18919d/YSNIWV6uDfo.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: kittenx
date: Mon, 14 Nov 2022 09:43:00 GMT
content-type: image/jpeg
location: /dGyuZQ9Q-JpbUVyBdLOmPxELlayZxrnZBzpocw/C28UUYxVdao.jpg
expires: Wed, 14 Dec 2022 09:43:00 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ed38e2b-996e-4243-a418-929f20183420.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ed38e2b-996e-4243-a418-929f20183420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c017b320b8160218fc060f69c4617c81
380ab5343fd3212c0f682b1e125a587fe49da95d
6cc252fd04c4a28d884d7bddd0ac088bc3570ec04aebf483d516d12543c97c8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ed38e2b-996e-4243-a418-929f20183420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5715
x-amzn-requestid: 4633f4bd-b1cc-4729-8827-a9202df4fab0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyFdHloIAMF_iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163bc-785f952757673c9c0197c35d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:38:04 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -dbgLM4YPeQqeygY_gieC_NW_lN0r7zvD43mamnFR3DzkF5sz4E9iw==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 42108
etag: "380ab5343fd3212c0f682b1e125a587fe49da95d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pp.userapi.com/c852032/v852032209/c4ff7/VwMNPPmrDkk.jpg?ava=1
87.240.190.77 301 Moved Permanently 0 B URL HTTP/2 pp.userapi.com/c852032/v852032209/c4ff7/VwMNPPmrDkk.jpg?ava=1
IP 87.240.190.77:0
GET /c852032/v852032209/c4ff7/VwMNPPmrDkk.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
location: /0tomcCqsmnvIoWXtqQ0oh0RsI7_ufIPalY1dhA/XSHq7x-LCyI.jpg
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
X-Firefox-Spdy: h2
pp.userapi.com/c846324/v846324005/1e0ea7/2ThiLiaJIRU.jpg?ava=1
87.240.190.77 301 Moved Permanently 0 B URL HTTP/2 pp.userapi.com/c846324/v846324005/1e0ea7/2ThiLiaJIRU.jpg?ava=1
IP 87.240.190.77:0
GET /c846324/v846324005/1e0ea7/2ThiLiaJIRU.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
location: /qEqOBCztirt728uF6zkJ1jk4ZpPYZkE2A11bKw/OtCJDwqvEgc.jpg
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
X-Firefox-Spdy: h2
pp.userapi.com/c847019/v847019473/1bea49/9NSXfX6Z8bw.jpg?ava=1
87.240.190.77 301 Moved Permanently 0 B URL HTTP/2 pp.userapi.com/c847019/v847019473/1bea49/9NSXfX6Z8bw.jpg?ava=1
IP 87.240.190.77:0
GET /c847019/v847019473/1bea49/9NSXfX6Z8bw.jpg?ava=1 HTTP/1.1
Host: pp.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kingchigwie.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: kittenx
date: Mon, 14 Nov 2022 09:42:58 GMT
content-type: image/jpeg
location: /VWfqGdHQX0yjMwh58jpDpW5FM4x1O-uOs_W68A/bMipBTWZ_sU.jpg
expires: Wed, 14 Dec 2022 09:42:58 GMT
cache-control: max-age=2592000
x-frontend: front225100
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
X-Firefox-Spdy: h2