Report - cs-lip.at.ua/forum/61-798-0-17-1

Report Overview

Submitted URL
cs-lip.at.ua/forum/61-798-0-17-1
IP
195.216.243.33
ASN
#57724 Ddos-guard Ltd
Submitted
2023-03-30 04:49:27
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
rot.spotsniper.ru	unknown	2017-01-30T12:09:40Z	2023-03-30T06:49:17Z	728 B	716 B	31.172.81.158
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-31T18:29:50Z	357 B	1.9 kB	104.18.21.226
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-31T20:19:47Z	433 B	171 kB	142.250.74.35
scatrouting.com	unknown	2023-03-20T11:28:41Z	2023-03-31T15:48:10Z	396 B	141 kB	193.200.64.20
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
counter.pr-cy.ru	unknown	2012-06-03T18:16:26Z	2023-03-02T08:14:34Z	303 B	1.4 kB	93.171.203.247
themes.googleusercontent.com	9661	2012-05-24T09:24:02Z	2023-03-31T18:35:18Z	416 B	61 kB	216.58.211.1
counter.yadro.ru	7275	2014-09-09T20:41:17Z	2023-03-31T19:05:52Z	4.5 kB	3.7 kB	88.212.201.198
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	67 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	4.1 kB	11 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	1.0 kB	2.1 kB	142.250.74.131
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
cs-lip.at.ua	unknown	2015-07-23T13:58:59Z	2023-03-30T06:46:07Z	21 kB	250 kB	195.216.243.33
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
s33.ucoz.net	unknown	2017-02-02T13:30:07Z	2023-02-04T22:29:24Z	1.3 kB	8.4 kB	195.216.243.33
www.google.com	7	2015-05-10T13:11:19Z	2023-03-31T20:35:26Z	402 B	1.1 kB	216.58.207.228
ishowyoufuture.com	unknown	2023-03-20T11:29:28Z	2023-03-31T15:37:36Z	366 B	197 B	193.200.65.61
zcode12.me	unknown	2022-11-14T13:01:14Z	2023-03-30T15:42:36Z	370 B	452 B	185.177.93.30

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-30 04:49:41	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-03-30 04:49:41	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-30	medium	cs-lip.at.ua/forum/61-798-0-17-1	Malware
2023-03-30	medium	cs-lip.at.ua/forum/61-798-1	Malware
2023-03-30	medium	cs-lip.at.ua/?JT%21kmcxRN3lnTEQL%3BJ%21rpU5ELKBWhnX9xivMdghpSnUgQSruD1a5kz3TKr1fbsETjMckWbxFriOV9YCkIPNeB1wku%5EEOZpQ1%5E%3BrIwi6Q3h8xeOb4J1T6UzYJFpsK7uj5XeRlL34sxJHtwJsWUZChEGWP1w%21TGELhjzDiBvL8QF2TrWgjfVw7k%3BaF%5E2UVeAh1%5E9mNh7eGK%21ZTicp5c%3BZu	Malware
2023-03-30	medium	cs-lip.at.ua/?XZsYPwzJemCQA370IN0zFERftjPVNNAxnOsjmVsbr66n45vjP%21s%21LJfOSqU%5EGzwuS%5EMqDaSApaZ5rALOqPZlMSynhGaBFmZQZ%21WuT7BdZA9Ae%213xIaW%21rOcrAwqj4w4e7YxYhyOB2%21qZ1MyhOTZPwPQJRXMOua7VS1SnvPFzBUYFI3N%218rilkce%21in3gjye7EBktSfPMHaCEznnTHNco	Malware
2023-03-30	medium	cs-lip.at.ua/.s/src/ulightbox/ulightbox.min.js	Malware
2023-03-30	medium	cs-lip.at.ua/.s/src/uwnd.min.js	Malware
2023-03-30	medium	cs-lip.at.ua/.s/src/jquery-1.12.4.min.js	Malware
2023-03-30	medium	cs-lip.at.ua/stat/1680151757	Malware
2023-03-30	medium	cs-lip.at.ua/?37L33S3uTHrIB2atj%3B619%21k6pn1a5VcesvQe3mX1myT3%210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	cs-lip.at.ua/forum/61-798-1#1096	209 B	2023-03-07	2024-05-04
Pretty URL cs-lip.at.ua/forum/61-798-1#1096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:21 Last Seen2024-05-04 09:40:18 Times Seen940 Hash ebe6bc0803293713c0cd5ccbb6858263 f7e12e4099d0b1539e6424fb35bed336f953239d de6c089a2079a7e9d7740a581839e60f99fc2b345f909a63fb8edce6e90dca4a Loading...

	cs-lip.at.ua/forum/61-798-1#1096	405 B	2023-03-12	2023-12-17
Pretty URL cs-lip.at.ua/forum/61-798-1#1096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:10:05 Last Seen2023-12-17 15:44:53 Times Seen3 Hash af6e8dec9c7b2cd167e693660200a8c4 a74b6b163e6d005d083f7107e3f41e1b74fb14de eb6f15104da4212b196bd7af6b8a840087beb09002d1740559d0cf74f43001e8 Loading...

	cs-lip.at.ua/.s/src/ulightbox/ulightbox.min.js	22 kB	2023-03-13	2023-08-29
Pretty URL cs-lip.at.ua/.s/src/ulightbox/ulightbox.min.js IP 195.216.243.33 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:50:49 Last Seen2023-08-29 00:13:38 Times Seen1347 Hash 862f093f507f858ee329c39576f1c041 f3da76f6d4071020bf9c82ddbcbb1ad95d74108f a0c876daa26fa9e875abc22a4e88e310a20ea1fdb45451e4af22b907dbf22da8 Loading...

	cs-lip.at.ua/.s/src/uwnd.min.js	210 kB	2023-03-07	2023-11-09
Pretty URL cs-lip.at.ua/.s/src/uwnd.min.js IP 195.216.243.33 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:47 Last Seen2023-11-09 11:57:45 Times Seen1943 Hash 0e2dd07983ad50fa9205b6a9d24bc79f 8eafe02a75c83f60d40d1cee73e2770805e54a9e 8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad Loading...

	cs-lip.at.ua/forum/61-798-1#1096	93 B	2023-03-12	2024-01-06
Pretty URL cs-lip.at.ua/forum/61-798-1#1096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:10:05 Last Seen2024-01-06 15:43:56 Times Seen7 Hash 0cc44e85c38a33c01f751dfcc29480b4 f1ab858dcbff5872eda5e1f1e6bb8dd0762dc235 b2ef727a11cfb04c38b446184354d8cee4ea38da4bc640b36afe7da67e4610a5 Loading...

	cs-lip.at.ua/forum/61-798-1#1096	319 B	2023-03-07	2023-04-05
Pretty URL cs-lip.at.ua/forum/61-798-1#1096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:47 Last Seen2023-04-05 02:07:30 Times Seen91 Hash 3b4f4ff3893180cb906d3fa740bb5b93 44aedaacef51eeb63c93827bbec6a0dc96132d61 59f57c47e99cc24e24adbcd2855e26f0569c53727530906e07f051f648dfd4b4 Loading...

	cs-lip.at.ua/.s/src/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-05-05
Pretty URL cs-lip.at.ua/.s/src/jquery-1.12.4.min.js IP 195.216.243.33 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-05 01:24:23 Times Seen119087 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	s33.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.533268006824326	0 B	2023-03-07	2024-05-05
Pretty URL s33.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.533268006824326 IP 195.216.243.33 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 07:01:40 Times Seen37355104 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cs-lip.at.ua/forum/61-798-1#1096	208 B	2023-03-07	2023-04-05
Pretty URL cs-lip.at.ua/forum/61-798-1#1096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:59 Last Seen2023-04-05 01:54:55 Times Seen31 Hash 5720e30a7ec655be06db59164aaea9c2 5970e6b2933a0fd134f50f80ac904d506c1f046e 5a43a584cf48263f2e41e19ab01ad20b93e2a0058dbe305db30fbf57838d28bd Loading...

	ishowyoufuture.com/services/geo.php	38 B	2023-03-09	2023-10-02
Pretty URL ishowyoufuture.com/services/geo.php IP 193.200.65.61 ASN #6681 Rozetka Sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:34:26 Last Seen2023-10-02 05:31:18 Times Seen1601 Hash 42e18074774584912858a6bc7d7c5419 c8efbdec5afd05e35b0df283cb846a1f55b4cdfc cc95ba7ed2483c07fbe0bb280d5b87db26ac40345f82014c50c96127bc0a4868 Loading...

	cs-lip.at.ua/forum/61-798-1#1096	2.8 kB	2023-03-29	2023-04-01
Pretty URL cs-lip.at.ua/forum/61-798-1#1096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:36:03 Last Seen2023-04-01 11:02:15 Times Seen8 Hash 151488ef0b5328d2e05cc0dcd4409243 a0b54e82216308d2d79517f3b3a04d399601e5ab 7b3fbc03b6ebcc6b40a17060b4003fbb44685e62087076369407641ff713eaea Loading...

	www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru	905 B	2023-03-29	2023-04-01
Pretty URL www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:40:40 Last Seen2023-04-01 11:02:15 Times Seen32 Hash 995266a6fcce37e24fd6ba59e54e0696 5f769ff0387014dd5ce83b23a8a4a31c7992b6a9 9afa8a57ddf5408da5c4c13e8768b568c961e726f4c5175ee4b284102240214a Loading...

	zcode12.me/?ze=hbrdinjsgy5ha3ddf42dkojs	10 B	2023-03-07	2024-05-04
Pretty URL zcode12.me/?ze=hbrdinjsgy5ha3ddf42dkojs IP 185.177.93.30 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-05-04 03:55:58 Times Seen4520 Hash f495e69f2e9edc75eeae7dd3ea78a747 a89e38bbe70fa2de5db9d578975abd4e9dcda52e 8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c Loading...

	cs-lip.at.ua/?37L33S3uTHrIB2atj%3B619%21k6pn1a5VcesvQe3mX1myT3%210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s	224 B	2023-03-07	2024-04-24
Pretty URL cs-lip.at.ua/?37L33S3uTHrIB2atj%3B619%21k6pn1a5VcesvQe3mX1myT3%210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s IP 195.216.243.33 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:44 Last Seen2024-04-24 13:56:02 Times Seen83 Hash 72c97871e6f2bb7dac08250a88927425 547b31569435e2df436c9b108a4500962c7a82a6 ffc2812d6882ba202a26172aab29455538f0a8540cc4b9ee0bb39b5b15224d0b Loading...

	scatrouting.com/bens/vinos.js?23433&u=null&a=0.026406494485177845	140 kB	2023-04-01	2023-04-01
Pretty URL scatrouting.com/bens/vinos.js?23433&u=null&a=0.026406494485177845 IP 193.200.64.20 ASN #6681 Rozetka Sp. z o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:36:21 Last Seen2023-04-01 10:36:21 Times Seen1 Hash 29add5d69c7da1bf15ad0c0f18d2bbc0 fdefe1d9f5ceef83f73652e80ce0881c2bdbe9de bad8c1c4148e568bd3d7b8c986f66601d590007ea9a7e81f5b3a3619b58b984f Loading...

	cs-lip.at.ua/?JT%21kmcxRN3lnTEQL%3BJ%21rpU5ELKBWhnX9xivMdghpSnUgQSruD1a5kz3TKr1fbsETjMckWbxFriOV9YCkIPNeB1wku%5EEOZpQ1%5E%3BrIwi6Q3h8xeOb4J1T6UzYJFpsK7uj5XeRlL34sxJHtwJsWUZChEGWP1w%21TGELhjzDiBvL8QF2TrWgjfVw7k%3BaF%5E2UVeAh1%5E9mNh7eGK%21ZTicp5c%3BZu	1.1 kB	2023-04-01	2023-04-01
Pretty URL cs-lip.at.ua/?JT%21kmcxRN3lnTEQL%3BJ%21rpU5ELKBWhnX9xivMdghpSnUgQSruD1a5kz3TKr1fbsETjMckWbxFriOV9YCkIPNeB1wku%5EEOZpQ1%5E%3BrIwi6Q3h8xeOb4J1T6UzYJFpsK7uj5XeRlL34sxJHtwJsWUZChEGWP1w%21TGELhjzDiBvL8QF2TrWgjfVw7k%3BaF%5E2UVeAh1%5E9mNh7eGK%21ZTicp5c%3BZu IP 195.216.243.33 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:36:21 Last Seen2023-04-01 10:36:21 Times Seen1 Hash 6054edc3ed34b1f3a8e8b84f54c1362d 6b77768996a79912a4fb5d7c5364e18cbb254f0e a33e3bd95435e7d47ebdacaecafa60edd9cefd6bf71c1aac4ef7e5da85a0c92a Loading...

	cs-lip.at.ua/?XZsYPwzJemCQA370IN0zFERftjPVNNAxnOsjmVsbr66n45vjP%21s%21LJfOSqU%5EGzwuS%5EMqDaSApaZ5rALOqPZlMSynhGaBFmZQZ%21WuT7BdZA9Ae%213xIaW%21rOcrAwqj4w4e7YxYhyOB2%21qZ1MyhOTZPwPQJRXMOua7VS1SnvPFzBUYFI3N%218rilkce%21in3gjye7EBktSfPMHaCEznnTHNco	834 B	2023-03-29	2023-06-20
Pretty URL cs-lip.at.ua/?XZsYPwzJemCQA370IN0zFERftjPVNNAxnOsjmVsbr66n45vjP%21s%21LJfOSqU%5EGzwuS%5EMqDaSApaZ5rALOqPZlMSynhGaBFmZQZ%21WuT7BdZA9Ae%213xIaW%21rOcrAwqj4w4e7YxYhyOB2%21qZ1MyhOTZPwPQJRXMOua7VS1SnvPFzBUYFI3N%218rilkce%21in3gjye7EBktSfPMHaCEznnTHNco IP 195.216.243.33 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:40:40 Last Seen2023-06-20 19:38:38 Times Seen132 Hash d6a22003b74c975b3f433d17f21e1414 f0d7b377035197c8f48a4c6c3e021bb5ceeadb40 e6a410cf41f8f06e33bb5de00aee2aa05a6e6d2e816f805de7adf138a031d3a7 Loading...

	cs-lip.at.ua/forum/61-798-1#1096	217 B	2023-03-07	2024-05-04
Pretty URL cs-lip.at.ua/forum/61-798-1#1096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:21 Last Seen2024-05-04 09:40:18 Times Seen936 Hash 643968481bd70d1b90acb3623acc1cbf a48c24f35825a4f9a22bb98e54b972ab914d0da6 1cc7811671da38d961a9ab7caf93a642e6b64d30f56cfe7e94370f25f190df2c Loading...

	cs-lip.at.ua/forum/61-798-1#1096	2.1 kB	2023-04-01	2023-04-01
Pretty URL cs-lip.at.ua/forum/61-798-1#1096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:36:22 Last Seen2023-04-01 10:36:22 Times Seen1 Hash 6c72ae512d1a942ba60c8edccaf2add3 6a3a540ecda03a43b699ccf03a43ad44458c68a5 18b401d9f58cb53a683d5425841a304a8ec61aadb7e386bcd3b79e9e8146d20d Loading...

	cs-lip.at.ua/forum/61-798-1#1096	833 B	2023-04-01	2023-04-01
Pretty URL cs-lip.at.ua/forum/61-798-1#1096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:36:22 Last Seen2023-04-01 10:36:22 Times Seen1 Hash f037264399e232d70d680a636b61f18a 7912b021da67c213afbc7d74ff290983b8348cfc b37472b93006db79b5222e1d82211f13146ee22651d4510b09c8f334a4c11b98 Loading...

	rot.spotsniper.ru/?src=ujs6	1 B	2023-03-07	2024-05-05
Pretty URL rot.spotsniper.ru/?src=ujs6 IP 31.172.81.158 ASN #44066 diva-e Datacenters GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-05-05 06:36:48 Times Seen21713 Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Loading...

		Size	First Seen	Last Seen
	#1 Write - 8b0fe86547ea1099fa2f32bd4c526c44	152 B	2023-03-07	2024-05-04
Pretty Observations First Seen2023-03-07 01:33:44 Last Seen2024-05-04 09:40:18 Times Seen1069 Hash 8b0fe86547ea1099fa2f32bd4c526c44 c180eadc55e8f386b0df85d043c4e682fb52ffb8 6887ab5beb82890d571c8f7c9d474bde94d3912e2b59247bab0fe77d408a026a Loading...

	#2 Write - e0cf2f1daa33562e44ba9bfc0671a2ba	59 B	2023-03-12	2023-12-17
Pretty Observations First Seen2023-03-12 14:10:05 Last Seen2023-12-17 15:44:53 Times Seen3 Hash e0cf2f1daa33562e44ba9bfc0671a2ba f65a2a5e7c60541735e6fd5557b379f9ccd2c8f5 66d4576bc6b4328b658653976c908e5f4991d550a2aef1e59f3726055cdf2961 Loading...

HTTP Transactions (101)

URL IP Response Size

cs-lip.at.ua/forum/61-798-0-17-1

195.216.243.33

302 Found

219 B

URL HTTP/1.1
cs-lip.at.ua/forum/61-798-0-17-1
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
219 B (219 bytes)
Hash
ac8b73d1f3dff217a50bffb002e1f032
86f1180978938fc8f2701406d45ba9ce9a7466f1
285470be78d822cea29fe46bc053f76823f028a6c4f87fc7e2692b43247be707

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /forum/61-798-0-17-1 HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 2cs-lipuCoz=; path=/; expires=Tue, 30-Mar-2021 04:49:17 GMT; HttpOnly; domain=.cs-lip.at.ua
2cs-lipuzfss=lt%3D1680151757%2Cpst%3D1680133757; path=/forum; expires=Fri, 29-Mar-2024 04:49:17 GMT; domain=.cs-lip.at.ua
Location: http://cs-lip.at.ua/forum/61-798-1#1096
Cache-Control: private

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11015
Expires: Thu, 30 Mar 2023 07:52:51 GMT
Date: Thu, 30 Mar 2023 04:49:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12503
Expires: Thu, 30 Mar 2023 08:17:39 GMT
Date: Thu, 30 Mar 2023 04:49:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 30 Mar 2023 04:28:15 GMT
content-type: application/json
age: 1262
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9704
Expires: Thu, 30 Mar 2023 07:31:01 GMT
Date: Thu, 30 Mar 2023 04:49:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: f1YiqdInkvNG+aPHD96/dQHj5Ewpw583lKQ5zqpRFR7WDgpQMPgv34VGYREn8z5COaE4azDfeLI=
x-amz-request-id: YNH0R8SJ2MGGWV67
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 30 Mar 2023 04:02:46 GMT
age: 2791
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 04:49:17 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cs-lip.at.ua/forum/61-798-1

195.216.243.33

200 OK

11 kB

URL HTTP/1.1
cs-lip.at.ua/forum/61-798-1
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (5751)
Size
11 kB (10651 bytes)
Hash
b4bf1c621eb3020f0cedfa210da6b0bb
f01f2e111ee7bd9d5d2fc209dc505c67c717cdfc
8a0192a64fe2b7b1e11a760c018c6aab36160bd251f4e62f69e262f53952235d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /forum/61-798-1 HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: 2cs-lipuzfss=lt%3D1680151757%2Cpst%3D1680133757
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 2cs-lipuCoz=; path=/; expires=Tue, 30-Mar-2021 04:49:17 GMT; HttpOnly; domain=.cs-lip.at.ua
2cs-lipuzfss=lt%3D1680151757%2Cpst%3D1680133757; path=/forum; expires=Fri, 29-Mar-2024 04:49:17 GMT; domain=.cs-lip.at.ua
2cs-lipuzll=1680151757; path=/; expires=Fri, 29-Mar-2024 04:49:17 GMT; domain=.cs-lip.at.ua
2cs-lipf0=; path=/forum; expires=Fri, 29-Mar-2024 04:49:17 GMT; domain=.cs-lip.at.ua
ucvid=iXZ4K16yi5; path=/; expires=Fri, 29-Mar-2024 04:49:17 GMT
2cs-lippushi=1; path=/; expires=Fri, 31-Mar-2023 03:49:17 GMT
Pragma: no-cache
Vary: host
Last-Modified: Thu, 30 Mar 2023 04:49:07 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip

cs-lip.at.ua/?JT%21kmcxRN3lnTEQL%3BJ%21rpU5ELKBWhnX9xivMdghpSnUgQSruD1a5kz3TKr1fbsETjMckWbxFriOV9YCkIPNeB1wku%5EEOZpQ1%5E%3BrIwi6Q3h8xeOb4J1T6UzYJFpsK7uj5XeRlL34sxJHtwJsWUZChEGWP1w%21TGELhjzDiBvL8QF2TrWgjfVw7k%3BaF%5E2UVeAh1%5E9mNh7eGK%21ZTicp5c%3BZu

195.216.243.33

200 OK

1.1 kB

URL HTTP/1.1
cs-lip.at.ua/?JT%21kmcxRN3lnTEQL%3BJ%21rpU5ELKBWhnX9xivMdghpSnUgQSruD1a5kz3TKr1fbsETjMckWbxFriOV9YCkIPNeB1wku%5EEOZpQ1%5E%3BrIwi6Q3h8xeOb4J1T6UzYJFpsK7uj5XeRlL34sxJHtwJsWUZChEGWP1w%21TGELhjzDiBvL8QF2TrWgjfVw7k%3BaF%5E2UVeAh1%5E9mNh7eGK%21ZTicp5c%3BZu
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
1.1 kB (1147 bytes)
Hash
6054edc3ed34b1f3a8e8b84f54c1362d
6b77768996a79912a4fb5d7c5364e18cbb254f0e
a33e3bd95435e7d47ebdacaecafa60edd9cefd6bf71c1aac4ef7e5da85a0c92a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /?JT%21kmcxRN3lnTEQL%3BJ%21rpU5ELKBWhnX9xivMdghpSnUgQSruD1a5kz3TKr1fbsETjMckWbxFriOV9YCkIPNeB1wku%5EEOZpQ1%5E%3BrIwi6Q3h8xeOb4J1T6UzYJFpsK7uj5XeRlL34sxJHtwJsWUZChEGWP1w%21TGELhjzDiBvL8QF2TrWgjfVw7k%3BaF%5E2UVeAh1%5E9mNh7eGK%21ZTicp5c%3BZu HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f52e1a56e3580c1bf81562a9df645f8
7c0b65f04f7c1ce3cc65f0ab3207d8d18ba5350b
28f16d1df407bb8bf6b28d978c94a40ea1f151dbc9e4e73493c999d881c3dc25

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 04:49:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s33.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.533268006824326

195.216.243.33

200 OK

0 B

URL HTTP/1.1
s33.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.533268006824326
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.533268006824326 HTTP/1.1
Host: s33.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15

cs-lip.at.ua/.s/src/base.min.css

195.216.243.33

200 OK

7.3 kB

URL HTTP/1.1
cs-lip.at.ua/.s/src/base.min.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
assembler source, Unicode text, UTF-8 text, with very long lines (352)
Size
7.3 kB (7340 bytes)
Hash
ff7894573a4bf2a56c5c12a0bbf5255e
a69ce8bab24c728bfd1afb6349c9b3957cca628d
a1b8116f855e9044ad9bb549f2d2d24f73b220dc182ac0c6405efde159725940

HTTP Headers

GET /.s/src/base.min.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Fri, 17 Mar 2023 10:37:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"641442d7-6e66"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/.s/src/layer1.min.css

195.216.243.33

200 OK

5.3 kB

URL HTTP/1.1
cs-lip.at.ua/.s/src/layer1.min.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (21841), with no line terminators
Size
5.3 kB (5257 bytes)
Hash
24fb187f550be3fbf943445a84c5c6fc
781e89e636d151e3c03a4ac3da5c01f0a382261e
6e641727220a44bd9ab6e5cb48b2d25af9f251fbb27bc3b666f8bb6a5892700a

HTTP Headers

GET /.s/src/layer1.min.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Mar 2023 12:46:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6401ec16-5551"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/_st/my.css

195.216.243.33

200 OK

369 B

URL HTTP/1.1
cs-lip.at.ua/_st/my.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
Unicode text, UTF-8 text
Size
369 B (369 bytes)
Hash
9dfda77e750ab1bbee49045c34269a6c
2759deed6fc13943fbcde1deb81abc4abc0d8e4a
d407a7ec5866bf380b1a4c83bc835ff68228087dd47de45f126939427f4a3e8b

HTTP Headers

GET /_st/my.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Sat, 03 Sep 2022 15:08:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"63136e03-38a"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/?XZsYPwzJemCQA370IN0zFERftjPVNNAxnOsjmVsbr66n45vjP%21s%21LJfOSqU%5EGzwuS%5EMqDaSApaZ5rALOqPZlMSynhGaBFmZQZ%21WuT7BdZA9Ae%213xIaW%21rOcrAwqj4w4e7YxYhyOB2%21qZ1MyhOTZPwPQJRXMOua7VS1SnvPFzBUYFI3N%218rilkce%21in3gjye7EBktSfPMHaCEznnTHNco

195.216.243.33

200 OK

834 B

URL HTTP/1.1
cs-lip.at.ua/?XZsYPwzJemCQA370IN0zFERftjPVNNAxnOsjmVsbr66n45vjP%21s%21LJfOSqU%5EGzwuS%5EMqDaSApaZ5rALOqPZlMSynhGaBFmZQZ%21WuT7BdZA9Ae%213xIaW%21rOcrAwqj4w4e7YxYhyOB2%21qZ1MyhOTZPwPQJRXMOua7VS1SnvPFzBUYFI3N%218rilkce%21in3gjye7EBktSfPMHaCEznnTHNco
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
834 B (834 bytes)
Hash
d6a22003b74c975b3f433d17f21e1414
f0d7b377035197c8f48a4c6c3e021bb5ceeadb40
e6a410cf41f8f06e33bb5de00aee2aa05a6e6d2e816f805de7adf138a031d3a7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /?XZsYPwzJemCQA370IN0zFERftjPVNNAxnOsjmVsbr66n45vjP%21s%21LJfOSqU%5EGzwuS%5EMqDaSApaZ5rALOqPZlMSynhGaBFmZQZ%21WuT7BdZA9Ae%213xIaW%21rOcrAwqj4w4e7YxYhyOB2%21qZ1MyhOTZPwPQJRXMOua7VS1SnvPFzBUYFI3N%218rilkce%21in3gjye7EBktSfPMHaCEznnTHNco HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache

www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru

216.58.207.228

200 OK

580 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (905), with no line terminators
Size
580 B (580 bytes)
Hash
304a0c41d88516b84802f7c8b34b4b04
2726c8beb1b1e776185c0dd7eccf459b188d27d0
602bcdcd5cd32ec0e5a2b4efef5be53858dc035f77b73c8e0112cc93c2c12ea2

HTTP Headers

GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cs-lip.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Thu, 30 Mar 2023 04:49:17 GMT
date: Thu, 30 Mar 2023 04:49:17 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cs-lip.at.ua/.s/src/ulightbox/ulightbox.min.css

195.216.243.33

200 OK

1.4 kB

URL HTTP/1.1
cs-lip.at.ua/.s/src/ulightbox/ulightbox.min.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (4552), with no line terminators
Size
1.4 kB (1359 bytes)
Hash
9c03edbcbefe3eea8902981444de96f7
ca39997a1765ab084fb7e6740858176b9385c4ca
8487aa6ee4bd261bdf1f5b681cf96d347cd980ed45183c5a2a9571db6c891a08

HTTP Headers

GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/.s/src/ulightbox/ulightbox.min.js

195.216.243.33

200 OK

7.7 kB

URL HTTP/1.1
cs-lip.at.ua/.s/src/ulightbox/ulightbox.min.js
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (22313), with no line terminators
Size
7.7 kB (7650 bytes)
Hash
a75011b4b2ffeaa63060ffbb03e2c66f
69d57fe045c036554f20958c5c62a7fcfc622980
29965c29892b83aab0666717f0dd62747011cf46c8824b66c260fd4a6b0cd736

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/javascript
Last-Modified: Tue, 07 Feb 2023 13:52:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"63e25790-5729"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dc0cf0275c44e5495e8f323c00b9d588
f7f19e521a439f85915f7582797a060629b879c6
abc856a823e0d89a87f6a4d3b2a48f5dcb99cdd94ce5d3b8cb8d51e665a74c4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 04:49:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cs-lip.at.ua/jps.css

195.216.243.33

200 OK

411 B

URL HTTP/1.1
cs-lip.at.ua/jps.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
411 B (411 bytes)
Hash
d24182c783366f2271278b6031f54d63
6339c30157bdb8ea709044fc35e3b03d03993545
7d0d0f8a5fc9089d957004b7d735307f3f73702ed76d87c5b45f038f420a1a8b

HTTP Headers

GET /jps.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Thu, 02 Dec 2010 08:06:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4cf75382-42b"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/.s/src/uwnd.min.js

195.216.243.33

200 OK

57 kB

URL HTTP/1.1
cs-lip.at.ua/.s/src/uwnd.min.js
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (65536), with no line terminators
Size
57 kB (56796 bytes)
Hash
20adfead3a54ad11599adb1bab3d6fc6
23bb516448d5c643cb186ad9aec426388aa79dfd
b49b11429b509cf608a66bbcebc13cf63fa444b998c1a678d1bebfe33f7c2ff4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/src/uwnd.min.js HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/.s/src/jquery-1.12.4.min.js

195.216.243.33

200 OK

34 kB

URL HTTP/1.1
cs-lip.at.ua/.s/src/jquery-1.12.4.min.js
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (32077)
Size
34 kB (33793 bytes)
Hash
eed194bd33958fd0768352b877915a40
db7a4073a53efb53155652219d948940efe6baa7
9eaac8a63f3851efef83bd151a558f6c8d8e6bb75c7725625cf8892b6312aa06

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /.s/src/jquery-1.12.4.min.js HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/javascript
Last-Modified: Thu, 01 Sep 2022 17:43:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6310ef5b-17b8b"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae064c74a3769d42109473ad05d56fb9
d48029ab8568cee6ab7416d3b476ed792d780a56
9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F"
Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10786
Expires: Thu, 30 Mar 2023 07:49:03 GMT
Date: Thu, 30 Mar 2023 04:49:17 GMT
Connection: keep-alive

cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css

195.216.243.33

200 OK

5.1 kB

URL HTTP/1.1
cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
assembler source, ASCII text, with very long lines (398)
Size
5.1 kB (5113 bytes)
Hash
83d54f757de78e452922ea242590305e
ba55c32202b971d556648940ccaf2d72a4ae3709
45d14e922c0f93e8dd2f7b144ff02dd7cef5dae84ad92ab0fc2c6419d9e4b562

HTTP Headers

GET /nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/jps.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Thu, 20 Jan 2011 06:44:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4d37d9c8-61ba"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/nf3j54jds6/go3sh3jd7vo2te.css

195.216.243.33

200 OK

256 B

URL HTTP/1.1
cs-lip.at.ua/nf3j54jds6/go3sh3jd7vo2te.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with CRLF line terminators
Size
256 B (256 bytes)
Hash
47123280be4c4ff29871f04ccb92ec74
027565fe54d6e9f1b8715ddb27f06929996224d8
73182a27ba18e5be5fdc37d990a757b823a6831406abcbbb1c0b65e9445ac131

HTTP Headers

GET /nf3j54jds6/go3sh3jd7vo2te.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/jps.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Sat, 02 Oct 2010 14:44:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4ca74553-1cc"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/nf3j54jds6/code324de-34qoojhee.css

195.216.243.33

200 OK

329 B

URL HTTP/1.1
cs-lip.at.ua/nf3j54jds6/code324de-34qoojhee.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with CRLF line terminators
Size
329 B (329 bytes)
Hash
00f2b902186a565e110017ccdd51c6ff
91070d2749aa2938aadba9d976322582fd05067a
714ea535a7afab909dabc108917d10aea4344c4d7a01fa23f2ef9f36d47b8af2

HTTP Headers

GET /nf3j54jds6/code324de-34qoojhee.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/jps.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Sat, 02 Oct 2010 14:48:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4ca7464a-3b7"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/nf3j54jds6/n1.css

195.216.243.33

200 OK

168 B

URL HTTP/1.1
cs-lip.at.ua/nf3j54jds6/n1.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
91bf38369a5380e2c633adf3f55122e3
4197fb19de8c3b256e950af5346763a4e3692289
f1a14e64111494bf13e33ae368d8bb2b4a79b273ccebe4b95a9a4bcdd7766c0e

HTTP Headers

GET /nf3j54jds6/n1.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/jps.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Sat, 02 Oct 2010 14:39:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4ca74418-bf"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/nf3j54jds6/m32gdhbenuj4dfw.css

195.216.243.33

200 OK

685 B

URL HTTP/1.1
cs-lip.at.ua/nf3j54jds6/m32gdhbenuj4dfw.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with CRLF line terminators
Size
685 B (685 bytes)
Hash
4c2558627786fd3cad1131e6e0d141d2
049dfa342bae51a860e0705b8e44352e4f5df7ce
1dce24466bd223032a5c504367ab575dab7388b6372e99cfc4b410b47779d99f

HTTP Headers

GET /nf3j54jds6/m32gdhbenuj4dfw.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/jps.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Sat, 02 Oct 2010 14:47:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4ca745ef-cea"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

cs-lip.at.ua/nf3j54jds6/n2ajs.css

195.216.243.33

200 OK

521 B

URL HTTP/1.1
cs-lip.at.ua/nf3j54jds6/n2ajs.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
521 B (521 bytes)
Hash
4fd53ac9b9ffd1413877b0c2b4deb49b
adcbd25b602fdf40b6ed6b9a2bb541e809b9c97c
0ec67ed0169b6c59c35e52ec6e6e970883ab00d2c03fa485dc289beabee875a5

HTTP Headers

GET /nf3j54jds6/n2ajs.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/jps.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Thu, 02 Dec 2010 08:08:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4cf75412-685"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 30 Mar 2023 04:14:37 GMT
age: 2080
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cs-lip.at.ua/button/button.css

195.216.243.33

200 OK

7.1 kB

URL HTTP/1.1
cs-lip.at.ua/button/button.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (7712), with CRLF line terminators
Size
7.1 kB (7138 bytes)
Hash
a34f2331c81dbb83a2596125777e78d4
cd2d45eef42c3d5f2bc435d678423ed1cd5925cb
1f9b585fc145043a2201d3f12247538c093839a63f690ab0268ebbc8601e238e

HTTP Headers

GET /button/button.css HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/jps.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: text/css
Last-Modified: Wed, 22 Sep 2010 08:09:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"4c99b9d2-4872"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

counter.pr-cy.ru/prcy/zorend.ru

93.171.203.247

200 OK

1.2 kB

URL HTTP/1.1
counter.pr-cy.ru/prcy/zorend.ru
IP
93.171.203.247:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.2 kB (1189 bytes)
Hash
596937851ffe5e9dc49854791e3d3188
7b151185de1bffc4f1bf42c1c24a43536d95c8b6
bf2379e9cf026907b3ec75cdf1046bc6aa2911f5b02f8665ddac9cfd036d0fb6

HTTP Headers

GET /prcy/zorend.ru HTTP/1.1
Host: counter.pr-cy.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: TornadoServer/4.2
Content-Encoding: gzip

cs-lip.at.ua/.s/img/fr/bt/39/t_new.gif

195.216.243.33

200 OK

1.4 kB

URL HTTP/1.1
cs-lip.at.ua/.s/img/fr/bt/39/t_new.gif
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 114 x 24\012- data
Size
1.4 kB (1416 bytes)
Hash
cc5696ab712a240d336066bf667f6692
c79abb02b224523de5f2246b89c8ebc713871e0a
b8d1e5a87e9a2b9cf4c6a8df848036e386ab5d873e889a87681b2fe03e51c330

HTTP Headers

GET /.s/img/fr/bt/39/t_new.gif HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 1416
Last-Modified: Mon, 21 Nov 2022 12:38:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b712c-588"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/.s/img/fr/bt/39/t_reply.gif

195.216.243.33

200 OK

1.3 kB

URL HTTP/1.1
cs-lip.at.ua/.s/img/fr/bt/39/t_reply.gif
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 101 x 24\012- data
Size
1.3 kB (1279 bytes)
Hash
65ba741474db0acd6688bcf1aa4cb9e2
38e5b599dea60218641f69bb1d45ab59c42b812a
78b5c03a003238c5d8c0c58e80db8495d8b513096a13ffea207d4f9c11630d8d

HTTP Headers

GET /.s/img/fr/bt/39/t_reply.gif HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 1279
Last-Modified: Mon, 21 Nov 2022 12:38:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b712c-4ff"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/.s/img/fr/bt/39/t_poll.gif

195.216.243.33

200 OK

1.2 kB

URL HTTP/1.1
cs-lip.at.ua/.s/img/fr/bt/39/t_poll.gif
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 114 x 24\012- data
Size
1.2 kB (1230 bytes)
Hash
3c8ec3fd2a20bb5d704ada2e224eced5
1ba67bee1f38ce66d2245edb8065178172838aca
946627275657c129e1e73c874852361859c2c520aea3c8d31e2d0eac82fc649b

HTTP Headers

GET /.s/img/fr/bt/39/t_poll.gif HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 1230
Last-Modified: Mon, 21 Nov 2022 12:38:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b712c-4ce"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/spacer.png

195.216.243.33

200 OK

110 B

URL HTTP/1.1
cs-lip.at.ua/img/spacer.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
110 B (110 bytes)
Hash
5de8a76ea08d81ec42740eff415bc878
c8d27a4918f282a09a1816d89aad905026d14a5c
859e0d54ce7aae5de46f9ac67a24313fed8bd042baa8cd3135a1395db5aef5c6

HTTP Headers

GET /img/spacer.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 110
Last-Modified: Thu, 20 Jan 2011 06:38:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d878-6e"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/.s/img/fr/bt/39/p_profile.gif

195.216.243.33

200 OK

689 B

URL HTTP/1.1
cs-lip.at.ua/.s/img/fr/bt/39/p_profile.gif
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 85 x 18\012- data
Size
689 B (689 bytes)
Hash
3132bf14ba02f1a73b4adb71912a0afb
4c2db9a09f62a5e87e37b072d8373885b205bee5
409c551f5a93b92d00b2e0d2b3552b0c0923c34c15b748ab265414d2b4abb612

HTTP Headers

GET /.s/img/fr/bt/39/p_profile.gif HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 689
Last-Modified: Mon, 21 Nov 2022 12:38:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b712c-2b1"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/.s/img/fr/bt/39/p_up.gif

195.216.243.33

200 OK

256 B

URL HTTP/1.1
cs-lip.at.ua/.s/img/fr/bt/39/p_up.gif
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 18 x 18\012- data
Size
256 B (256 bytes)
Hash
c638782b13e5e34f90ab28992142f38f
6ddca733d03bd6323f313a4aa238b7f479c7ed46
213fd97396a80ec7201b39880449a06ad49738900a228b708f817b810f4c3b31

HTTP Headers

GET /.s/img/fr/bt/39/p_up.gif HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 256
Last-Modified: Mon, 21 Nov 2022 12:38:04 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "637b712c-100"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/bg-fon.png

195.216.243.33

404 Not Found

2.7 kB

URL HTTP/1.1
cs-lip.at.ua/img/bg-fon.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (348)
Size
2.7 kB (2656 bytes)
Hash
7d61f3d2524ddb2261ce5294fcffacd9
9215626f645f1310a7ade9e639b3694377b4e945
de2aeab2cb5c63bc0d2c3cf9eb5bf6a19fe9e7ac1e9c9e2b362f8bb0501e4c16

HTTP Headers

GET /img/bg-fon.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip

cs-lip.at.ua/avatar/00/00/081418.jpg

195.216.243.33

200 OK

7.5 kB

URL HTTP/1.1
cs-lip.at.ua/avatar/00/00/081418.jpg
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 110x110, components 3\012- data
Size
7.5 kB (7525 bytes)
Hash
f832b7ce6d8a67227ff9cff55ec73f10
6c17f8f10546b41738f9d1de355f5d008ccdb67a
e355199c82a08be45615cbcf53a7f9b03e3f417a1ff8208f04e4faa76a89ee01

HTTP Headers

GET /avatar/00/00/081418.jpg HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/jpeg
Content-Length: 7525
Last-Modified: Wed, 05 Apr 2017 19:46:44 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "58e549a4-1d65"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/stat/1680151757

195.216.243.33

200 OK

406 B

URL HTTP/1.1
cs-lip.at.ua/stat/1680151757
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 87a, 88 x 31\012- data
Size
406 B (406 bytes)
Hash
7e3ab53f6b4dd72ed653c426d69e49e4
a9e514379b74634bbb06b2923f74858f992d3904
7eba16087f2e547bc684d524e192c868e7f09c78236a85ceaf91a31c7bff18df

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stat/1680151757 HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT

cs-lip.at.ua/img/no-banner_468x60.jpg

195.216.243.33

200 OK

26 kB

URL HTTP/1.1
cs-lip.at.ua/img/no-banner_468x60.jpg
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 468x60, components 3\012- data
Size
26 kB (26143 bytes)
Hash
af4f668d43d3618ffe2f90c81b3632ce
7a02cf3b4a3d39c704df3313a3b26ce297cc6410
8de411caafd64d0d03a5f5f48412e0740741dd50b62522301c77af9c31869a94

HTTP Headers

GET /img/no-banner_468x60.jpg HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:17 GMT
Content-Type: image/jpeg
Content-Length: 26143
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-661f"
Expires: Wed, 19 Apr 2023 04:49:17 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rzAgHWm6XInKUzDbHNQHFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: coIiEEpFrcyq5Rb9mof+1FhYG8s=
Date: Thu, 30 Mar 2023 04:49:17 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cs-lip.at.ua/img/line_top.png

195.216.243.33

200 OK

180 B

URL HTTP/1.1
cs-lip.at.ua/img/line_top.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 1 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
180 B (180 bytes)
Hash
cafaa29ffe5070ce372ffa5c2229b541
0de423d799a9005c510aa909cfc764ca569ed0c2
8189a5f7af912ee0e9a4ef7cd8bc963f17ecc01bea374ead5e518cc438ec7e3b

HTTP Headers

GET /img/line_top.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 180
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-b4"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/line_top-hr.png

195.216.243.33

200 OK

234 B

URL HTTP/1.1
cs-lip.at.ua/img/line_top-hr.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 2 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
234 B (234 bytes)
Hash
47947b6a19ab597ea4e3ab055ab992fb
94540eb134769a78b0ee2b3027b6aea7a3e1f08e
092bab9c4ffc633727080cf53b01f306602aaa2e479e78ca63ea7c9274241738

HTTP Headers

GET /img/line_top-hr.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 234
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-ea"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/loginfield.png

195.216.243.33

200 OK

694 B

URL HTTP/1.1
cs-lip.at.ua/img/loginfield.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 146 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
694 B (694 bytes)
Hash
122d3065d23554b969808e1566ccf9b6
768591c22f92252bb614a71f81577697affe85ff
cf6bc8ad97093904db00b7b6a367e0877ee7b750b10a45d5a34a5dd04751d55e

HTTP Headers

GET /img/loginfield.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 694
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-2b6"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/button.gif

195.216.243.33

200 OK

96 B

URL HTTP/1.1
cs-lip.at.ua/img/button.gif
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 1 x 20\012- data
Size
96 B (96 bytes)
Hash
49a25c37ad5349b97c537068e01b61ab
36bf6eb37226355e8969d31d822c144ec7fd5451
48a8d7a26c79eb019d988609054c6e5912a0949524b44b2b2b0d9e248b6dd6e6

HTTP Headers

GET /img/button.gif HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 96
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-60"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/header_bg.png

195.216.243.33

200 OK

179 B

URL HTTP/1.1
cs-lip.at.ua/img/header_bg.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 1 x 109, 8-bit/color RGBA, non-interlaced\012- data
Size
179 B (179 bytes)
Hash
03395afce645f8d27051ee26a636e1ed
2fc237c713f61bddb60c8ec09ab9f64a3ef2de30
eb915c7ca26312935f01980546fc287fbc588db7cfac386b444d335f35db943c

HTTP Headers

GET /img/header_bg.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 179
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-b3"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/header_right.png

195.216.243.33

200 OK

2.1 kB

URL HTTP/1.1
cs-lip.at.ua/img/header_right.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 58 x 109, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2149 bytes)
Hash
5fabe99524ee8b4be66f951d734a6423
fc7ff2dd63ab8fcedd18351d5987f29a3ad5121b
94af2847149643353e86283dcabb9c55ae64d8815fb4cb2d2df1f2311629bd5b

HTTP Headers

GET /img/header_right.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 2149
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-865"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/banner_big-bg.png

195.216.243.33

200 OK

624 B

URL HTTP/1.1
cs-lip.at.ua/img/banner_big-bg.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 478 x 68, 8-bit/color RGBA, non-interlaced\012- data
Size
624 B (624 bytes)
Hash
1440abc3f9d2336a860ee8010ef014e4
37089369b1b651121b3a7ebe3a937eb9b92f9fe9
4a0beaa7665855a286f2446b3c53545f31b58d74a2cac971bd6466783ebb73bf

HTTP Headers

GET /img/banner_big-bg.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 624
Last-Modified: Thu, 20 Jan 2011 06:38:46 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d876-270"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/menu_line-top.png

195.216.243.33

200 OK

952 B

URL HTTP/1.1
cs-lip.at.ua/img/menu_line-top.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
952 B (952 bytes)
Hash
9f0c7c5e62c289fe937f9716a6aa6bbd
e4ab62d1fd6886e8628cdbc10ef2b01243960572
4bd3c0e667201f740140d4e26f4ef6cfd98825c7e46379ef7d8b56c3fbd255b9

HTTP Headers

GET /img/menu_line-top.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 952
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-3b8"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/menu_line-top_bg.png

195.216.243.33

200 OK

119 B

URL HTTP/1.1
cs-lip.at.ua/img/menu_line-top_bg.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 1 x 48, 8-bit/color RGB, non-interlaced\012- data
Size
119 B (119 bytes)
Hash
58027b1f3b621de421e15cc943755870
c1caa227e7fae573d4d2d462db2a1538caba0fed
85a9f67d46ec8c55a165554d858923af539dbced89baa779e6ef17d593b930cd

HTTP Headers

GET /img/menu_line-top_bg.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 119
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-77"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/menu_bg.png

195.216.243.33

200 OK

163 B

URL HTTP/1.1
cs-lip.at.ua/img/menu_bg.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 1 x 43, 8-bit/color RGB, non-interlaced\012- data
Size
163 B (163 bytes)
Hash
31b87a2bae91dfcdd9228bc89986f5c1
04b50f0a463158a831c1142440e2cb82428b07fc
5f1396be40921fa88596d8003d66c1d0e2232c845bf75ceea58c6e831e7fe090

HTTP Headers

GET /img/menu_bg.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 163
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-a3"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/logo.png

195.216.243.33

200 OK

20 kB

URL HTTP/1.1
cs-lip.at.ua/img/logo.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 406 x 109, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20156 bytes)
Hash
9a0a790ea1159d041097e85fd4c15cf4
29df0de8f99617fdab429bea73e0aa1f9de2be38
5a8925f608d27117f53a6a57955651db68ced69fad091cf8615df5d5d4b020b9

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 20156
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-4ebc"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/menu_line-hr.png

195.216.243.33

200 OK

203 B

URL HTTP/1.1
cs-lip.at.ua/img/menu_line-hr.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 2 x 42, 8-bit/color RGB, non-interlaced\012- data
Size
203 B (203 bytes)
Hash
783d0fd778f6a413ec654949bfc2f34b
dc8bf1d8f9f3df3d163e8931d7375eada204826b
5b67ba80b11c1303e5bddbc45e8cd04ee217a8f8d1bd64c35f3bae8963b4b104

HTTP Headers

GET /img/menu_line-hr.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 203
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-cb"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/search-bg.png

195.216.243.33

200 OK

733 B

URL HTTP/1.1
cs-lip.at.ua/img/search-bg.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 188 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
733 B (733 bytes)
Hash
e8e31586d9a5a23beff45c7f5fcbfc13
1031b6c561342672ae96dee01a6a93a0b4a44a3b
e4c08f35f79fd40a0a75bd7e11bcd6fb840481cb3c9e5778e75467a2d4f0abae

HTTP Headers

GET /img/search-bg.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 733
Last-Modified: Thu, 20 Jan 2011 06:38:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d878-2dd"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/eTitle-ugl.png

195.216.243.33

200 OK

426 B

URL HTTP/1.1
cs-lip.at.ua/img/eTitle-ugl.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 12 x 41, 8-bit/color RGB, non-interlaced\012- data
Size
426 B (426 bytes)
Hash
dccc534d8d10d5c138ce3839095f7808
6ee8494736d400bd5321f25206f9d91e956214b5
7674e3413879cade147ad8b7638298d2ae50b23b4ea13d43690b405c93e93c15

HTTP Headers

GET /img/eTitle-ugl.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 426
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-1aa"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/eTitle.png

195.216.243.33

200 OK

170 B

URL HTTP/1.1
cs-lip.at.ua/img/eTitle.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 1 x 41, 8-bit/color RGB, non-interlaced\012- data
Size
170 B (170 bytes)
Hash
47eb840b362c94dd124a96421858a4e8
5f678b18d9e3be61dfe6ba873a3d485a78c351a2
354b458296be4ab5324f25049319e45eb676eaf2e1a1f9a75b7b463a6c76e511

HTTP Headers

GET /img/eTitle.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 170
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-aa"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/ugl-b.png

195.216.243.33

200 OK

3.0 kB

URL HTTP/1.1
cs-lip.at.ua/img/ugl-b.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 14 x 7, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3036 bytes)
Hash
2d2c6dd9e04a241c626540b52a25c744
0f620366aa1fbe4f63301a6acbe0aac0620a9a81
5e7c5d61f08da502a43f1f0a37b76409d04f400d04adf43c6ccc7c7f5b380834

HTTP Headers

GET /img/ugl-b.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 3036
Last-Modified: Thu, 20 Jan 2011 06:38:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d878-bdc"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/footer_bg.png

195.216.243.33

200 OK

174 B

URL HTTP/1.1
cs-lip.at.ua/img/footer_bg.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 1 x 75, 8-bit/color RGB, non-interlaced\012- data
Size
174 B (174 bytes)
Hash
1653bbce82c8e862989d2bf6a60d195f
a46f9fe680ee5ca02fe8b0d5af9641e1792172e2
53b4394eb0902e7b7c9027b4a8ccc4366ef80d94f2d2035c90ceff5c89794bb2

HTTP Headers

GET /img/footer_bg.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 174
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-ae"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/gTableTop.png

195.216.243.33

200 OK

161 B

URL HTTP/1.1
cs-lip.at.ua/img/gTableTop.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 1 x 38, 8-bit/color RGB, non-interlaced\012- data
Size
161 B (161 bytes)
Hash
c0ac9bdf41643f061b43755bfa3950c0
ff1b784b75bbbb37cdad13f45d9da6a38f76fe13
3d38dc4d47cec29e48f46ce4560c3e508c2c6b6d20c164c8531eb230166a7f62

HTTP Headers

GET /img/gTableTop.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 161
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-a1"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

cs-lip.at.ua/img/footer_bg-l.png

195.216.243.33

200 OK

1.7 kB

URL HTTP/1.1
cs-lip.at.ua/img/footer_bg-l.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 479 x 75, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1680 bytes)
Hash
e54e1998f0359b1c9dc1622309796587
dd6ee6ae5686ba55fc7faa19109a02db5930a1f9
5c9be6942f904c914b83ad16aa1d16e6be1b405cc33a9d8ba1e1427956abed66

HTTP Headers

GET /img/footer_bg-l.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/cgsji34g65j6gwf98fwfflh457lhbvwjed43f43tg.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 1680
Last-Modified: Thu, 20 Jan 2011 06:38:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d37d877-690"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2073a604f6a67f0139d15105b439d2d6
8e0fa4d6db6cf63c42c230d765aa0dbabdbca422
c71e1b3b619296dfd7f8266dda8bc99d171a55fc60d30529d278d98872018ed1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C71E1B3B619296DFD7F8266DDA8BC99D171A55FC60D30529D278D98872018ED1"
Last-Modified: Tue, 28 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14979
Expires: Thu, 30 Mar 2023 08:58:56 GMT
Date: Thu, 30 Mar 2023 04:49:17 GMT
Connection: keep-alive

cs-lip.at.ua/?37L33S3uTHrIB2atj%3B619%21k6pn1a5VcesvQe3mX1myT3%210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s

195.216.243.33

200 OK

798 B

URL HTTP/1.1
cs-lip.at.ua/?37L33S3uTHrIB2atj%3B619%21k6pn1a5VcesvQe3mX1myT3%210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
798 B (798 bytes)
Hash
72909a379d59d2a8d5841f67d98f91a6
c7de978b320ea3261b06c0eb1607b5852cafd5f0
d1ea820e567c2e5d57d22502e6a43925588713c5ae1717b8cb9c670f84f14400

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /?37L33S3uTHrIB2atj%3B619%21k6pn1a5VcesvQe3mX1myT3%210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip

cs-lip.at.ua/forum_img/code.png

195.216.243.33

200 OK

16 kB

URL HTTP/1.1
cs-lip.at.ua/forum_img/code.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 250 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16512 bytes)
Hash
cc9ba6a4953d4f20c504cec9de8da47f
15fd8ea259d53f11b94e47e30ed8bf636b49ebdf
8ec766483f97c418ee023dcb1cb2d85a028bf9449e8f8691379527b7cce119f8

HTTP Headers

GET /forum_img/code.png HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/nf3j54jds6/code324de-34qoojhee.css
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 16512
Last-Modified: Sun, 12 Sep 2010 20:08:22 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c8d3336-4080"
Expires: Wed, 19 Apr 2023 04:49:18 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

s33.ucoz.net/adv/dummy/000/css/style.css

195.216.243.33

200 OK

1.6 kB

URL HTTP/1.1
s33.ucoz.net/adv/dummy/000/css/style.css
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
1.6 kB (1564 bytes)
Hash
50406c447ccad47ca9e5d53eff612ffb
16e3921585135a87a1066689c9c67a312d96c92d
01a0732bba96fb38be885a1d233fecf52e32c7e07e48cd05f6f07a3690ea304c

HTTP Headers

GET /adv/dummy/000/css/style.css HTTP/1.1
Host: s33.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Mar 2019 14:28:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5c9a3702-19eb"
Content-Encoding: gzip

s33.ucoz.net/adv/dummy/000/img/ucoz-logo.png

195.216.243.33

200 OK

4.6 kB

URL HTTP/1.1
s33.ucoz.net/adv/dummy/000/img/ucoz-logo.png
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4585 bytes)
Hash
14d37a3409afc2c450c62b97bc8019da
43fc12bf16a292d6d10b17ab7d1e37785288858c
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2

HTTP Headers

GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1
Host: s33.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/png
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:18 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a3702-11e9"
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
abae80ecc166902820f1cd3f0fd6a0c8
b8bbe5e30b2bde14994345cc28385e6ae9cea090
692f875fc32aa36c33255b85ab283df60368c8b1c22a21f126de466d3964c9ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "692F875FC32AA36C33255B85AB283DF60368C8B1C22A21F126DE466D3964C9CA"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18711
Expires: Thu, 30 Mar 2023 10:01:09 GMT
Date: Thu, 30 Mar 2023 04:49:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d7cea01bf14f0b64ef8b2cabba0b8382
a99a533515322a72a690dd572983ad5414cc2b9d
a6b1cc9384931ddf9a0eedebc36d8ed9a575bbdf45326bffec117c244aca04d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6B1CC9384931DDF9A0EEDEBC36D8ED9A575BBDF45326BFFEC117C244ACA04D9"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11681
Expires: Thu, 30 Mar 2023 08:03:59 GMT
Date: Thu, 30 Mar 2023 04:49:18 GMT
Connection: keep-alive

rot.spotsniper.ru/?src=ujs6

31.172.81.158

200 OK

1 B

URL HTTP/1.1
rot.spotsniper.ru/?src=ujs6
IP
31.172.81.158:0
ASN
#44066 diva-e Datacenters GmbH

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

HTTP Headers

GET /?src=ujs6 HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cs-lip.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff

216.58.211.1

200 OK

60 kB

URL HTTP/1.1
themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
Web Open Font Format, TrueType, length 60332, version 1.1\012- data
Size
60 kB (60332 bytes)
Hash
0d6d6ae28614efe13ec053eaeef473c1
20cd1c419ba0763bb4bbb1435bc0aed00452af2e
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1

HTTP Headers

GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cs-lip.at.ua
Connection: keep-alive
Referer: http://s33.ucoz.net/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 60332
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 23 Mar 2023 09:14:27 GMT
Expires: Fri, 22 Mar 2024 09:14:27 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
Vary: Accept-Encoding
Age: 588891

rot.spotsniper.ru/?src=ujs6&s_subid=btn

31.172.81.158

200 OK

1 B

URL HTTP/1.1
rot.spotsniper.ru/?src=ujs6&s_subid=btn
IP
31.172.81.158:0
ASN
#44066 diva-e Datacenters GmbH

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

HTTP Headers

GET /?src=ujs6&s_subid=btn HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cs-lip.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//cs-lip.at.ua/forum/61-798-1;s1280*1024*24;uhttp%3A//cs-lip.at.ua/%3F37L33S3uTHrIB2atj%253B619%2521k6pn1a5VcesvQe3mX1myT3%25210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s;1680151782837

88.212.201.198

302 Moved Temporarily

32 B

URL HTTP/1.1
counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//cs-lip.at.ua/forum/61-798-1;s1280*1024*24;uhttp%3A//cs-lip.at.ua/%3F37L33S3uTHrIB2atj%253B619%2521k6pn1a5VcesvQe3mX1myT3%25210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s;1680151782837
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
HTML document, ASCII text
Size
32 B (32 bytes)
Hash
3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254

HTTP Headers

GET /hit;ucoz_topline_worldwide?rhttp%3A//cs-lip.at.ua/forum/61-798-1;s1280*1024*24;uhttp%3A//cs-lip.at.ua/%3F37L33S3uTHrIB2atj%253B619%2521k6pn1a5VcesvQe3mX1myT3%25210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s;1680151782837 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/

HTTP/1.1 302 Moved Temporarily
Date: Thu, 30 Mar 2023 04:49:18 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//cs-lip.at.ua/forum/61-798-1;s1280*1024*24;uhttp%3A//cs-lip.at.ua/%3F37L33S3uTHrIB2atj%253B619%2521k6pn1a5VcesvQe3mX1myT3%25210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s;1680151782837
Content-Length: 32
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache

s33.ucoz.net/adv/dummy/000/img/bg.gif

195.216.243.33

200 OK

1.3 kB

URL HTTP/1.1
s33.ucoz.net/adv/dummy/000/img/bg.gif
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 485 x 3\012- data
Size
1.3 kB (1268 bytes)
Hash
b19967d808ed7c42b41316d6c8474f55
18d80748bd4041b13a3373a429281ec65347a0e2
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50

HTTP Headers

GET /adv/dummy/000/img/bg.gif HTTP/1.1
Host: s33.ucoz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s33.ucoz.net/adv/dummy/000/css/style.css

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:18 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c9a3702-4f4"
Accept-Ranges: bytes

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
278a63bfe7b6fb6d76c6b3411317610e
0c13b51cec29f9fc98afc0aeae9fb91d4b3b5a66
f19d6cdb9fe52bdb433d607ad6df3e3dc05d88286fb7651567a4533b64ff97a8

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 03 Apr 2023 01:09:15 GMT
ETag: "0c13b51cec29f9fc98afc0aeae9fb91d4b3b5a66"
Last-Modified: Thu, 30 Mar 2023 01:09:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3459
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7afdb9a91e07b503-OSL

counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782137

88.212.201.198

302 Moved Temporarily

32 B

URL HTTP/1.1
counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782137
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
HTML document, ASCII text
Size
32 B (32 bytes)
Hash
3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254

HTTP Headers

GET /hit;ucoznet?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782137 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/

HTTP/1.1 302 Moved Temporarily
Date: Thu, 30 Mar 2023 04:49:18 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782137
Content-Length: 32
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache

88.212.201.198

200 OK

43 B

URL HTTP/1.1
counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//cs-lip.at.ua/forum/61-798-1;s1280*1024*24;uhttp%3A//cs-lip.at.ua/%3F37L33S3uTHrIB2atj%253B619%2521k6pn1a5VcesvQe3mX1myT3%25210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s;1680151782837
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /hit;ucoz_topline_worldwide?rhttp%3A//cs-lip.at.ua/forum/61-798-1;s1280*1024*24;uhttp%3A//cs-lip.at.ua/%3F37L33S3uTHrIB2atj%253B619%2521k6pn1a5VcesvQe3mX1myT3%25210yYDFEpgALqASiSK0LI3Iuj5mC33FbFErXYLC4s;1680151782837 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cs-lip.at.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
21966d424aed17f9af10f69f1cb82860
87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be
6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 04:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782493

88.212.201.198

302 Moved Temporarily

32 B

URL HTTP/1.1
counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782493
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
HTML document, ASCII text
Size
32 B (32 bytes)
Hash
3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254

HTTP Headers

GET /hit;clickgate08?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782493 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/

HTTP/1.1 302 Moved Temporarily
Date: Thu, 30 Mar 2023 04:49:18 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782493
Content-Length: 32
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache

counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782138

88.212.201.198

302 Moved Temporarily

32 B

URL HTTP/1.1
counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782138
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
HTML document, ASCII text
Size
32 B (32 bytes)
Hash
3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254

HTTP Headers

GET /hit;ucoz_desktop_ad?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782138 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/

HTTP/1.1 302 Moved Temporarily
Date: Thu, 30 Mar 2023 04:49:18 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782138
Content-Length: 32
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache

counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782137

88.212.201.198

200 OK

43 B

URL HTTP/1.1
counter.yadro.ru/hit;ucoznet?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782137
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /hit;ucoznet?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782137 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cs-lip.at.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

cs-lip.at.ua/favicon.ico

195.216.243.33

200 OK

894 B

URL HTTP/1.1
cs-lip.at.ua/favicon.ico
IP
195.216.243.33:0
ASN
#57724 Ddos-guard Ltd

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size
894 B (894 bytes)
Hash
a1a84fcdf109eff8758e06e577bd583d
1c5a941a176308aef1486be0f7e0a09aacfbcc3d
21d35b2ebca5d92dace52f46ad1b8a02ba919dfc5651e02de3981f19dfc391c1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cs-lip.at.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/forum/61-798-1
Cookie: 2cs-lipuzll=1680151757; ucvid=iXZ4K16yi5; 2cs-lippushi=1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/x-icon
Content-Length: 894
Last-Modified: Sun, 03 Oct 2010 06:22:58 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4ca82142-37e"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__ru.js

142.250.74.35

200 OK

170 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__ru.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1596)
Size
170 kB (170383 bytes)
Hash
e7d9ed5e7f3fd80584b6fb0381958d95
85fcc24848bfee55963db3ca5b28449826d5c92d
2a166148f61341234f6073e14dccf65e0fce11b3e5f4a88f1e6959cb22e650d1

HTTP Headers

GET /recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cs-lip.at.ua
Connection: keep-alive
Referer: http://cs-lip.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 170383
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Mar 2023 16:39:26 GMT
expires: Thu, 28 Mar 2024 16:39:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 43792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782138

88.212.201.198

200 OK

43 B

URL HTTP/1.1
counter.yadro.ru/hit;ucoz_desktop_ad?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782138
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /hit;ucoz_desktop_ad?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782138 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cs-lip.at.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782493

88.212.201.198

200 OK

43 B

URL HTTP/1.1
counter.yadro.ru/hit;clickgate08?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782493
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /hit;clickgate08?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151782493 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cs-lip.at.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 30 Mar 2023 04:49:18 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17367
Expires: Thu, 30 Mar 2023 09:38:46 GMT
Date: Thu, 30 Mar 2023 04:49:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17367
Expires: Thu, 30 Mar 2023 09:38:46 GMT
Date: Thu, 30 Mar 2023 04:49:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17367
Expires: Thu, 30 Mar 2023 09:38:46 GMT
Date: Thu, 30 Mar 2023 04:49:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04d24af-eb00-4c93-ab34-7efa5a5df311.png

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04d24af-eb00-4c93-ab34-7efa5a5df311.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11548 bytes)
Hash
2eee1403498bff1763a8bc833dfeeb41
bff603c1941f0bc9dfcd4ae51af3334ff7529be4
2dab005f05aa5142ad2d132f40a5fb2b3cad7e1c82c936808c30f060eea3846e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04d24af-eb00-4c93-ab34-7efa5a5df311.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11548
x-amzn-requestid: 7695d327-93ba-4079-a512-6adfc7e3a2d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAymEfnoAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-66e22a7d1d7cad675b9cdf27;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: YDfuRMv16MCODBqpZY9Fh1sW7r0oIuwhIID1gdjVZeyJnlHHZM4ASQ==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:52:21 GMT
age: 25018
etag: "bff603c1941f0bc9dfcd4ae51af3334ff7529be4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8795 bytes)
Hash
d1e861b518e06e17ce657c5f9fc15daf
214322b88798120159ab55c7121c8775727b8fc7
3438eb2b7e18d784416c139b42c036eefff3759602e4ce553815c628e1cb5016

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8795
x-amzn-requestid: 33d91f7c-7d04-405b-8060-33e438ed09f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAz2GwKoAMFW5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae7e-54ba3517206ac61c50167c3e;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UlRpbu9inpiwKEkyo7rthLcsidkdF4_CJtp4l4Q0EbXMB-75e61rBg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:54:44 GMT
age: 24875
etag: "214322b88798120159ab55c7121c8775727b8fc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5108 bytes)
Hash
aa4bea27e3e3b648176b5d87c919422d
1aa537444512644c9e5ddbb732cb310e5d3f3a26
28706ef531eabf37199ce8160884b6abe9220809e6217000883a0d9f0a23e93d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5108
x-amzn-requestid: 8d187151-2480-477a-82d9-fa5c96dd61db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA6THX9IAMFhrw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424aea7-5e5a11746610faac7bb883bb;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:28 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: RC7BCyW_QitX-xaWwVn_7qcPD_Qu2dIwr2l_rD3HvHT_812xzmU8vw==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:56:53 GMT
age: 24746
etag: "1aa537444512644c9e5ddbb732cb310e5d3f3a26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11118 bytes)
Hash
1d109c71a6d804ac43ede46ac74f2065
251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4
de2d781c75abb41ea14c0f4c072df0977562d824d81b5f4ca28c4f635067a17b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11118
x-amzn-requestid: 71508920-b2d8-446d-a498-8bf8708af974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA4qHrpoAMF-0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae9d-5191b68a4c7f1ee042a05583;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3JIDZJcepJFwPc0anfKz5OO8LZY3cFMI4oljiaft8jBgltzp2iYJiA==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:55:34 GMT
age: 24825
etag: "251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10271 bytes)
Hash
424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:48:07 GMT
age: 25272
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13563 bytes)
Hash
e17677df3c62e2528f78149356f707fa
ed990a670d1b5f33e42e1927266c82d1532b2c75
3f23e0cf1a3b09c3747e5ac9917793d7035b3195a085d1e34777c5f3f09ce72c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13563
x-amzn-requestid: 61cfd396-07a1-451f-81df-868644a5e653
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAymEFOIAMFW3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-7adecc212066dc3c5252eb2f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Extt8zdIR6UvGVHhCFtOEZnFHXHvS0QdwQNgFGMclIDrMdmHO-5UUg==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:48:07 GMT
age: 25272
etag: "ed990a670d1b5f33e42e1927266c82d1532b2c75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aa7e407ead31074482c1c1deb5ffc5fb
6ce9bb1700506ba3305324b9a9ac3df2a3bdd5a2
0f74b064c987616373470a6c56a15323ad67168e57181de722e37af70ddfe8a2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F74B064C987616373470A6C56A15323AD67168E57181DE722E37AF70DDFE8A2"
Last-Modified: Mon, 27 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8221
Expires: Thu, 30 Mar 2023 07:06:21 GMT
Date: Thu, 30 Mar 2023 04:49:20 GMT
Connection: keep-alive

counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151785140

88.212.201.198

302 Moved Temporarily

32 B

URL HTTP/1.1
counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151785140
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
HTML document, ASCII text
Size
32 B (32 bytes)
Hash
3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254

HTTP Headers

GET /hit;desktop_click_load?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151785140 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cs-lip.at.ua/

HTTP/1.1 302 Moved Temporarily
Date: Thu, 30 Mar 2023 04:49:20 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151785140
Content-Length: 32
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache

ishowyoufuture.com/services/geo.php

193.200.65.61

200 OK

38 B

URL HTTP/1.1
ishowyoufuture.com/services/geo.php
IP
193.200.65.61:0
ASN
#6681 Rozetka Sp. z o.o.

File type
ASCII text, with no line terminators
Size
38 B (38 bytes)
Hash
42e18074774584912858a6bc7d7c5419
c8efbdec5afd05e35b0df283cb846a1f55b4cdfc
cc95ba7ed2483c07fbe0bb280d5b87db26ac40345f82014c50c96127bc0a4868

HTTP Headers

GET /services/geo.php HTTP/1.1
Host: ishowyoufuture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cs-lip.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:20 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 38
Connection: keep-alive

counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151785140

88.212.201.198

200 OK

43 B

URL HTTP/1.1
counter.yadro.ru/hit;desktop_click_load?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151785140
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /hit;desktop_click_load?r;s1280*1024*24;uhttp%3A//cs-lip.at.ua/forum/61-798-1%231096;1680151785140 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cs-lip.at.ua/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 30 Mar 2023 04:49:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Tue, 29 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a6effb68d807ee1c8d6858748a7b166
90b7ebd766c9d0338c85a69b3c090dd77dbe3db6
af41b4d7f601cc228b4a98c112700a0b4d538ad8b446b4e722a3e8e87cc46be3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF41B4D7F601CC228B4A98C112700A0B4D538AD8B446B4E722A3E8E87CC46BE3"
Last-Modified: Tue, 28 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7596
Expires: Thu, 30 Mar 2023 06:55:57 GMT
Date: Thu, 30 Mar 2023 04:49:21 GMT
Connection: keep-alive

scatrouting.com/bens/vinos.js?23433&u=null&a=0.026406494485177845

193.200.64.20

200 OK

140 kB

URL HTTP/1.1
scatrouting.com/bens/vinos.js?23433&u=null&a=0.026406494485177845
IP
193.200.64.20:0
ASN
#6681 Rozetka Sp. z o.o.

File type
ASCII text, with very long lines (727)
Size
140 kB (140289 bytes)
Hash
29add5d69c7da1bf15ad0c0f18d2bbc0
fdefe1d9f5ceef83f73652e80ce0881c2bdbe9de
bad8c1c4148e568bd3d7b8c986f66601d590007ea9a7e81f5b3a3619b58b984f

HTTP Headers

GET /bens/vinos.js?23433&u=null&a=0.026406494485177845 HTTP/1.1
Host: scatrouting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cs-lip.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 04:49:21 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=16801513501532635802; expires=Sat, 29-Mar-2025 04:49:21 GMT; Max-Age=63072000; path=/; samesite=None; domain=.scatrouting.com; secure

zcode12.me/?ze=hbrdinjsgy5ha3ddf42dkojs

185.177.93.30

200 OK

0 B

URL HTTP/2
zcode12.me/?ze=hbrdinjsgy5ha3ddf42dkojs
IP
185.177.93.30:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?ze=hbrdinjsgy5ha3ddf42dkojs HTTP/1.1
Host: zcode12.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cs-lip.at.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 04:49:17 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=2e9584a7-e9b7-4bb1-9d20-e9ef0e069783; expires=Sat, 29-Apr-2023 04:49:17 GMT; Max-Age=2592000; path=/; SameSite=None; domain=zcode12.me; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML