Overview

URL student-auto.ru/.well-known/2021/usps/verification
IP 82.202.170.188
ASN JSC IOT
Location Russia
Report completed 2022-10-04 16:36:27 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 student-auto.ru/.well-known/2021/usps/verification Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/sticky/jquery.sticky.js Phishing
2022-10-04 2 student-auto.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.8 Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/jquery.validate.js Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/jquery.maskedinput.min.js Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/jquery.nanoscroller.min.js Phishing
2022-10-04 2 student-auto.ru/wp-content/themes/univer/js/main.js Phishing
2022-10-04 2 student-auto.ru/.well-known/2021/usps/verification Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS mc.yandex.ru (3) 2672 2017-01-29 05:34:36 UTC 2022-10-04 08:04:40 UTC 87.250.250.119
mnemonic passive DNS api-maps.yandex.ru (5) 32678 2012-11-01 07:04:10 UTC 2022-10-04 14:43:44 UTC 87.250.251.134
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 15:06:58 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.25
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 15:17:25 UTC 93.184.220.29
mnemonic passive DNS ocsp.globalsign.com (3) 2075 2012-05-25 06:20:55 UTC 2022-10-04 04:22:54 UTC 104.18.21.226
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 35.82.48.240
mnemonic passive DNS yastatic.net (1) 72282 2014-03-11 07:15:28 UTC 2022-10-04 09:28:53 UTC 178.154.131.217
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-04 04:24:58 UTC 69.16.175.10
mnemonic passive DNS fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-10-04 11:55:48 UTC 142.250.74.10
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS student-auto.ru (19) 0 2017-09-16 18:09:36 UTC 2022-08-22 00:46:33 UTC 82.202.170.188 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (10) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-10-04 09:46:16 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 82.202.170.188

Date UQ / IDS / BL URL IP
2022-10-04 16:36:27 +0000 0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verification 82.202.170.188
2022-10-04 15:41:15 +0000 0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verific (...) 82.202.170.188
2022-10-04 15:34:56 +0000 0 - 0 - 8 student-auto.ru/.well-known/2021/usps/ 82.202.170.188

Last 5 reports on ASN: JSC IOT

Date UQ / IDS / BL URL IP
2022-11-28 10:51:35 +0000 0 - 0 - 4 stomjob.ru/ 62.109.27.215
2022-11-27 23:32:11 +0000 0 - 0 - 1 atoapiwag.ru/ 188.120.236.54
2022-11-27 22:55:19 +0000 0 - 0 - 2 80.87.198.76/proton3/imageBigloadUniversal.ph (...) 80.87.198.76
2022-11-27 22:55:19 +0000 0 - 0 - 2 80.87.198.76/proton3/imageBigloadUniversal.ph (...) 80.87.198.76
2022-11-27 21:35:14 +0000 0 - 0 - 48 dissecure.com/ 178.250.158.201

Last 3 reports on domain: student-auto.ru

Date UQ / IDS / BL URL IP
2022-10-04 16:36:27 +0000 0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verification 82.202.170.188
2022-10-04 15:41:15 +0000 0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verific (...) 82.202.170.188
2022-10-04 15:34:56 +0000 0 - 0 - 8 student-auto.ru/.well-known/2021/usps/ 82.202.170.188

Last 2 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-04 15:41:15 +0000 0 - 0 - 8 student-auto.ru/.well-known/2021/usps/verific (...) 82.202.170.188
2022-10-04 15:34:56 +0000 0 - 0 - 8 student-auto.ru/.well-known/2021/usps/ 82.202.170.188


JavaScript

Executed Scripts (13)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (67)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 15:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TP8myqS9qvGVnTaQ2vo7Vy0La1Mhc00M9aKRRm4pyaTDc5OfEEoPTg==
Age: 2952


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2884
Expires: Tue, 04 Oct 2022 17:24:20 GMT
Date: Tue, 04 Oct 2022 16:36:16 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CggtqTzhofKLaN6YabY1gSCmFhnP6t9PAVDUKUE9Gvqm-QvnUsLEYw==
age: 40069
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 16:36:16 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /.well-known/2021/usps/verification HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         82.202.170.188
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=qWyRJ239vln7X9bLWIvm; Domain=.student-auto.ru; HttpOnly; Path=/; Expires=Wed, 04-Oct-2023 16:36:16 GMT
Date: Tue, 04 Oct 2022 16:36:16 GMT
Location: https://student-auto.ru:443/.well-known/2021/usps/verification
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   121
Md5:    b9b2183103bbc58fcf323861a4effb44
Sha1:   93af58744932728c97ca6bebaf09d4e653856165
Sha256: 3ffbaf6e91e058df86a5440f1fbe9a1579e5bcd9c7d00f839e51c90d9f1f91ba

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7434F6FF9117893493ED968C9C3B39D454A13A738AA73EEC76A94B33571D558D"
Last-Modified: Tue, 04 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18268
Expires: Tue, 04 Oct 2022 21:40:44 GMT
Date: Tue, 04 Oct 2022 16:36:16 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 16:29:33 GMT
Expires: Tue, 04 Oct 2022 16:31:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EKzfzoWY9kp9Dgk1kh2Wa6cWM8J6lunTac-kP6rSH2c8ZaEJZtf1tQ==
Age: 403


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5776
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 16:36:17 GMT
Last-Modified: Tue, 04 Oct 2022 15:00:01 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0j4CuNAIikdTrrwwnhZDRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.82.48.240
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1TQoA+KSzVlPbYLmVQwacJIXiW0=

                                        
                                            GET /wp-content/themes/univer/img/stud_auto_big.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Sun, 02 Oct 2022 13:35:26 GMT
content-length: 14603
last-modified: Mon, 03 Jun 2019 08:03:08 GMT
etag: "5cf4d43c-390b"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 183652
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 208 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size:   14603
Md5:    6c860a8405994a117340b86e71f99077
Sha1:   34019a821bb7ee0efb2251e3fb2ee6036a104f4e
Sha256: c81f74a906e537f5859f244aea9880aac7b5e362cd4d0ec346fae1f9bd871a50
                                        
                                            GET /wp-content/themes/univer/img/souz.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:34 GMT
content-length: 26699
last-modified: Wed, 29 May 2019 13:52:46 GMT
etag: "5cee8eae-684b"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 14864
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 138 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size:   26699
Md5:    9e01dcd980418b18f1f0ba31c9eb0edf
Sha1:   63c7f336f881043a7e82fe797c59e44e8510fead
Sha256: 09fbcf8ad4cc8edd673640aa5f9ef2ac035569f3dc5ccf7b1be3183f65d7509a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/univer/img/logo_sechenov_small.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Sun, 02 Oct 2022 13:35:27 GMT
content-length: 9481
last-modified: Wed, 21 Jun 2017 13:16:42 GMT
etag: "594a71ba-2509"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 183651
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 61 x 59, 8-bit/color RGBA, non-interlaced\012- data
Size:   9481
Md5:    2bd02e3291f87f3c90e00b436306462b
Sha1:   3b670e2ae09bef2d52bc42c52900c2574019a2f5
Sha256: 5d9ace044c626bfe8d303f17054015e5e8cb2b85ff8cd6ab304afe2d95bde8f2
                                        
                                            GET /wp-content/themes/univer/img/icon_modal.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:34 GMT
content-length: 10174
last-modified: Fri, 30 Jun 2017 06:13:34 GMT
etag: "5955ec0e-27be"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 14864
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 208 x 208, 8-bit/color RGBA, non-interlaced\012- data
Size:   10174
Md5:    fad2abb237c6fcf8936b0983bc1abdcb
Sha1:   fc0ed0b01dedd8a4aecd6330b750f06bfb712704
Sha256: ddd8dd99f54c3cc6d2fa1f7a5393ec08e3ac0ad67e24138cde3e5d6d544cbb70
                                        
                                            GET /wp-content/themes/univer/img/stud_auto_small.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Sun, 02 Oct 2022 13:35:26 GMT
content-length: 24663
last-modified: Mon, 14 Aug 2017 12:17:18 GMT
etag: "599194ce-6057"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 183652
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 117 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size:   24663
Md5:    29a1e7dff8dc56698b2d0b091bd99393
Sha1:   07c2c42cf9345ece66d13a73d909ba2cbd0b1a5a
Sha256: fe7dcb1282c5e06dddcb2fcc04ed272283a1b18a6690ac62fe917cb56fe1fa5c
                                        
                                            GET /jquery-2.2.4.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 16:36:18 GMT
content-encoding: gzip
content-length: 29811
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664901378.dop024.sk1.t,1664901378.cds262.sk1.hn,1664901378.cds214.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29811
Md5:    82885772205f23cd59e25a221521b059
Sha1:   96ed36f45544295f28df1ab251e7e38faceeff0e
Sha256: 8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
                                        
                                            GET /wp-content/themes/univer/img/man.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:34 GMT
content-length: 111193
last-modified: Fri, 01 Sep 2017 14:28:12 GMT
etag: "59a96e7c-1b259"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 14864
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 334, 8-bit/color RGBA, non-interlaced\012- data
Size:   111193
Md5:    2e4f9e95bff9d4dde7710d3d127532b6
Sha1:   2fcc04a551a485f19aeabcf3ea7c5d707999ae95
Sha256: 306a6efe655c3b8ee84f5937e2fa5264ad9cb6966508a2c580820349da8ed756
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 16:36:18 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 08 Oct 2022 12:35:17 GMT
ETag: "59af538bc01b38e6a7d04cc1c98075b20808b1a7"
Last-Modified: Tue, 04 Oct 2022 12:35:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3120
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754f55edaec50b41-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    62837b53fd0f6444cb1824d9e5c2b1ee
Sha1:   59af538bc01b38e6a7d04cc1c98075b20808b1a7
Sha256: 66d7c5aeaceb67d773af261ba6d8fc7cc5f9c9c68dbba93d216baada2b23c207
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/univer/js/sticky/jquery.sticky.js HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 16:36:18 GMT
last-modified: Thu, 06 Apr 2017 14:22:14 GMT
etag: W/"58e64f16-2765"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   83071
Md5:    d2dc6854676bd7c424c8eae63a18add0
Sha1:   6ffc71cefe26ba2ce1e60ad880a0ba4cfb38aab2
Sha256: ec427a01b961c0a5790bb8ce5d1f03ffcf775d220415a97399febb3c042bb36b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/univer/img/bg_arrow.png HTTP/1.1 
Host: student-auto.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/wp-content/themes/univer/css/style.css
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         82.202.170.188
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:34 GMT
content-length: 26732
last-modified: Fri, 01 Sep 2017 14:29:40 GMT
etag: "59a96ed4-686c"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 14864
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1050 x 77, 8-bit/color RGBA, non-interlaced\012- data
Size:   26732
Md5:    95f8216c2dcaca1d1792a029b8a72de6
Sha1:   27412a3ec7ff27b454d5e7ed2649a82bfa7419da
Sha256: 1e1242da3048abd0ce08503b4e1ce49a0d5e22c82d8da86f00b0a419029bf879
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /css?family=Roboto:400,500,700,900&subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 16:36:18 GMT
date: Tue, 04 Oct 2022 16:36:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   169732
Md5:    42c206c0371981dec02942f6fe17d2ab
Sha1:   b5b68fa7b1c68b384264f190d56671ad47659a73
Sha256: 66c094bd6b0a7a2df1d456a109bed27da7694a191fd093164513a96ddba55cdb
                                        
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 227078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:13:12 GMT
expires: Tue, 03 Oct 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 69786
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size:   46524
Md5:    c1fd378f54921c75e4ae1821e7b8fff6
Sha1:   2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
Sha256: 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.8 HTTP/1.1
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
server: ddos-guard
date: Tue, 04 Oct 2022 16:36:18 GMT
last-modified: Thu, 29 Jun 2017 12:57:50 GMT
etag: W/"5954f94e-341e"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   19226
Md5:    980df0538619b21f3c118b848c7f575f
Sha1:   fa7b5fa6040944e35843d7ce02d47f4a7dcdc992
Sha256: 7c1a6f6006187359604016dd284508dc22b3002c84b7e89881d185c1ffe78769

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:56 GMT
expires: Thu, 28 Sep 2023 19:34:56 GMT
cache-control: public, max-age=31536000
age: 507682
last-modified: Wed, 11 May 2022 19:24:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Size:   9840
Md5:    7b08b9e11fc6b8a8a1398b357e874144
Sha1:   4b5fb5790fae1c96655aaa7a426b697f5ab986d0
Sha256: 3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
                                        
GET /css?family=Raleway:400,500,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 16:36:18 GMT
date: Tue, 04 Oct 2022 16:36:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10296
Md5:    7fb59fce9acd3f8836cd4a6e9a08d2a7
Sha1:   f192eeb5e44d4df9c64b00f883b112744607d2da
Sha256: d89ff3f8e88cda54c1354fd31a555c5a710b3d7dec338dc95c0c8cc9890711e5
                                        
GET /wp-content/themes/univer/js/jquery.validate.js HTTP/1.1
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
server: ddos-guard
date: Tue, 04 Oct 2022 16:36:18 GMT
last-modified: Thu, 29 Jun 2017 10:32:34 GMT
etag: W/"5954d742-5a5d"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (22930)
Size:   23146
Md5:    9740443569f3d251f50e661cd7477041
Sha1:   c2036d776c8427b2aca62bcf366f2f334a103072
Sha256: 80c0acbfb4f15c601254e4f9fc3efe13b9b0735124ab17eaa8d4e0d97c7bc1fe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/themes/univer/js/jquery.maskedinput.min.js HTTP/1.1
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
server: ddos-guard
date: Tue, 04 Oct 2022 16:36:18 GMT
last-modified: Thu, 29 Jun 2017 09:55:40 GMT
etag: W/"5954ce9c-10d9"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4112)
Size:   11456
Md5:    7d32097ec070d77ef74213b0bedd3608
Sha1:   ea305ae6d2ae10dabff852ec8fbb2cf708b40bde
Sha256: 3c81dfa43e0e532dbd2e4f9a93e39bf695d6f1d2d981332fd353f90c2008057f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 507730
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:36:18 GMT
Content-Length: 939
Connection: keep-alive
Expires: Sat, 08 Oct 2022 13:16:05 GMT
ETag: "4bc960f89bbaa46bec598a41d99c36f5c9980fdd"
Last-Modified: Tue, 04 Oct 2022 13:16:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1683
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754f55eedfe50b41-OSL

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /wp-content/themes/univer/js/jquery.nanoscroller.min.js HTTP/1.1
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
server: ddos-guard
date: Tue, 04 Oct 2022 16:36:18 GMT
last-modified: Mon, 19 Sep 2016 10:52:12 GMT
etag: W/"57dfc35c-289c"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10265), with CRLF line terminators
Size:   28888
Md5:    57f4413fa4f2be9ab437f24f00aa2a33
Sha1:   15ed12c0199679cb1312b4ed54874a8302f6ef93
Sha256: 774b36dbfef17d6adbd31589f7b913b44d781b694d3eb0c259bfe2090360de18

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/themes/univer/js/main.js HTTP/1.1
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
82.202.170.188
HTTP/2 200 OK
content-type: application/javascript
server: ddos-guard
date: Tue, 04 Oct 2022 16:36:18 GMT
last-modified: Mon, 03 Jun 2019 08:09:56 GMT
etag: W/"5cf4d5d4-100a"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   10802
Md5:    b8b0ed14a5d09bd27a487b4b3edb867a
Sha1:   b2fc59c918410f192c138d41a3335372eb7bbbc6
Sha256: 5264307aafa973f1aa3879fdeb842fdd221bfa56d6361ec002373aeba7fa4a42

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2261
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 16:36:18 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2261
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 16:36:18 GMT
Connection: keep-alive

                                        
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 16:36:18 GMT
Content-Length: 939
Connection: keep-alive
Expires: Sat, 08 Oct 2022 13:21:27 GMT
ETag: "3427073e58bc6b528edad4aa2b8116365a1175c2"
Last-Modified: Tue, 04 Oct 2022 13:21:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2476
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754f55f019500b41-OSL

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2261
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 16:36:18 GMT
Connection: keep-alive

                                        
GET /wp-content/uploads/2017/08/cropped-stud_auto_big-32x32.png HTTP/1.1
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
82.202.170.188
HTTP/2 200 OK
content-type: image/png
server: ddos-guard
date: Mon, 03 Oct 2022 10:47:55 GMT
content-length: 2444
last-modified: Mon, 14 Aug 2017 12:26:20 GMT
etag: "599196ec-98c"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 107303
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   2444
Md5:    6dbf20ae97dc5453120e7e00ae08fbd1
Sha1:   d0962c66633869e60de3a16dcc616428d4c2343f
Sha256: 0e96d01c46341d51e68b69766d97656b3addaee8cc65e08c4967b178d9528cb4
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2261
Expires: Tue, 04 Oct 2022 17:13:59 GMT
Date: Tue, 04 Oct 2022 16:36:18 GMT
Connection: keep-alive

                                        
GET /wp-content/uploads/2017/08/cropped-stud_auto_big-192x192.png HTTP/1.1
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
82.202.170.188
HTTP/2 200 OK
content-type: image/png
server: ddos-guard
date: Tue, 04 Oct 2022 12:28:35 GMT
content-length: 36030
last-modified: Mon, 14 Aug 2017 12:26:19 GMT
etag: "599196eb-8cbe"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 14863
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   36030
Md5:    32d016c0f7b57f83c7fa4bee35765f81
Sha1:   92ebe9318d20744c94872b5afaa9e36cf4d1037e
Sha256: 39c4f1e352edfffaebd39b7a177136ef9e188b75002a1b7c67ecad5b8e3867e1
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:34 GMT
age: 67904
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8534
Md5:    f2287c489794dab0e9ba923a2057988f
Sha1:   2b9f6828a38da81b40dcad033572e48b4c5896db
Sha256: e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 67918
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 42807
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 67918
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 67903
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 67905
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-43/build/release/full-12d3b6ea37df4ec19ca51b92a0651e126f59c33e.js HTTP/1.1 
Host: yastatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.154.131.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx/1.17.9
date: Tue, 04 Oct 2022 16:36:18 GMT
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"96bcd9e39ca569a8c8c0482bcfc0f578"
expires: Wed, 04 Oct 2023 22:24:34 GMT
last-modified: Tue, 04 Oct 2022 10:45:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: bc64f05eaab63622
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (9590)
Size:   763371
Md5:    e76b76ded8d7a11550b15518162404e8
Sha1:   6616c9b4fd336ab2049570e24a607fcd8bbd800d
Sha256: 98d836f87a4fc1407ae89aff94821ab4d2823b51c3d48060274b3b2926d456c9
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 04 Oct 2022 16:36:19 GMT
access-control-allow-origin: *
etag: "633be002-2b"
expires: Tue, 04 Oct 2022 17:36:19 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /2.1.79/build/release/images/cursor/zoom_in.cur HTTP/1.1 
Host: api-maps.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.134
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 326
date: Tue, 04 Oct 2022 16:36:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=/GqbcEXH52KgUnp8aSd+OrxYQV4icF2ZlnGBrA44+p4H/w==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 16:36:19 GMT; secure i=nOOm+NCNCHNQMDMK6YxdaZdGJQxDPL29efrjhJNVb7g/pEVgObqvERLtkyr9dUk33buPqvrR8fqHifLDlrRqid3I4WQ=; Expires=Thu, 03-Oct-2024 16:36:19 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
etag: "633c0ef5-146"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @6x6\012- data
Size:   326
Md5:    77492cf358d8b12629399322926c93f2
Sha1:   8291ac3dad4e4f33183ccdfad7b92b1594c760f9
Sha256: eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
                                        
                                            GET /2.1.79/build/release/images/cursor/grab.cur HTTP/1.1 
Host: api-maps.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.134
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 326
date: Tue, 04 Oct 2022 16:36:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=vOtH8fRmWd9ZteIzcJYPhbQQV1xViZxBTMsboymT/oDyew==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 16:36:19 GMT; secure i=uK1M91FPDs7b+eJSB3WlD4kOjdE2pBMXDyhywVJYnQY6Fwm9Ff8LB8fIAzilOvyekliGJOW6oHiiT1TDqzL8wPYFt6c=; Expires=Thu, 03-Oct-2024 16:36:19 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
etag: "633c0ef5-146"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows cursor resource - 1 icon, 32x32, hotspot @15x15\012- data
Size:   326
Md5:    ef50ac9e93aaebe3299791c79f277f8e
Sha1:   fbd667e863c8278950e7761aee54b394cd93ea0c
Sha256: 13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
                                        
                                            GET /2.1.79/build/release/images/cursor/grabbing.cur HTTP/1.1 
Host: api-maps.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.134
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 326
date: Tue, 04 Oct 2022 16:36:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=ZCD+HRPOEe3EKlbsyUAVOopFoSdfb3ZCLGttq5h91n6W9Q==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 16:36:19 GMT; secure i=DRcKGsKyaZrbwdxQtL5PtdYeBnYnKzkem9bhYGmCJLn4014WjxLCHDb8RvvFzftnN+534VslphB54vCPioOYH4cMMo4=; Expires=Thu, 03-Oct-2024 16:36:19 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
etag: "633c0ef5-146"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows cursor resource - 1 icon, 32x32, hotspot @15x15\012- data
Size:   326
Md5:    3ce22e999d54bb9ca8150a59207f9d3e
Sha1:   f30d68405751e730ca94ada8628df45b4839931f
Sha256: a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
                                        
                                            GET /2.1.79/build/release/images/cursor/help.cur HTTP/1.1 
Host: api-maps.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.134
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 326
date: Tue, 04 Oct 2022 16:36:19 GMT
access-control-allow-origin: *
set-cookie: _yasc=Q+mFW6Up0o6R6V4Vm0GNd+z010VyBWrFYTNzc7/HIECT6Q==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 16:36:19 GMT; secure i=pTzU2qZ6LsrC/kmsSXPNMH7QZHCr1eqGaNMFaje/aauQeDoeniX7B9pfTeEPKK7JSx3oOqhrco7H/oPALw+fKpoyjUQ=; Expires=Thu, 03-Oct-2024 16:36:19 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
etag: "633c0ef5-146"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 2 colors\012- data
Size:   326
Md5:    4965b66fe115b2f2ed500ece66514d86
Sha1:   32074b76fca8a0382b474c1b9555d6742b274986
Sha256: 128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
                                        
                                            GET /watch/54247729/1?wmode=7&page-url=https%3A%2F%2Fstudent-auto.ru%2F.well-known%2F2021%2Fusps%2Fverification&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A2212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A259205325255%3Ahid%3A384103557%3Az%3A0%3Ai%3A20221004163618%3Aet%3A1664901378%3Ac%3A1%3Arn%3A591159551%3Arqn%3A1%3Au%3A1664901378254025366%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C66%2C1349%2C1%2C484%2C0%2C%2C317%2C10%2C%2C%2C%2C2224%3Ans%3A1664901375518%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664901378%3At%3A%D0%92%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B0%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20-%20%D0%A1%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B0%D0%B2%D1%82%D0%BE%D1%88%D0%BA%D0%BE%D0%BB%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://student-auto.ru
Referer: https://student-auto.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.250.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 407
date: Tue, 04 Oct 2022 16:36:19 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://student-auto.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 16:36:19 GMT
last-modified: Tue, 04-Oct-2022 16:36:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size:   407
Md5:    ae594fd770c04a5d101467d36bb81c55
Sha1:   c90a92e67679ab7450dc9d80af6e4b2ce4205fdd
Sha256: ceda77fafcd78a77972bd28739f5ec3f7a971bf4120d1e40863e0a41d1ca27a9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10878
x-amzn-requestid: a849d918-ec40-47d4-93cb-e938b010bd50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpJKGAPIAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556d-242a8d2208b6574c34063c1f;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7ZaoEBhn_F_zDvoalcEpb4PtdGMuU9stAktSCviy5SsaaBaxYUJ6Fg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 67925
etag: "d893d8035379e06e53e365b9f47f5da40bff932b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10878
Md5:    f62719b24a32198c6f462a0a0412ac98
Sha1:   d893d8035379e06e53e365b9f47f5da40bff932b
Sha256: ca863affca1559e92e415a4de2e78e4b4c1ec4cf8e8549693499c6f79bd27975
                                        
                                            GET /.well-known/2021/usps/verification HTTP/1.1 
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         82.202.170.188
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
server: ddos-guard
set-cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof; Domain=.student-auto.ru; HttpOnly; Path=/; Expires=Wed, 04-Oct-2023 16:36:16 GMT
date: Tue, 04 Oct 2022 16:36:17 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://student-auto.ru/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /watch/54247729?wmode=7&page-url=https%3A%2F%2Fstudent-auto.ru%2F.well-known%2F2021%2Fusps%2Fverification&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A2212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A259205325255%3Ahid%3A384103557%3Az%3A0%3Ai%3A20221004163618%3Aet%3A1664901378%3Ac%3A1%3Arn%3A591159551%3Arqn%3A1%3Au%3A1664901378254025366%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C66%2C1349%2C1%2C484%2C0%2C%2C317%2C10%2C%2C%2C%2C2224%3Ans%3A1664901375518%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664901378%3At%3A%D0%92%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B0%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20-%20%D0%A1%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B0%D0%B2%D1%82%D0%BE%D1%88%D0%BA%D0%BE%D0%BB%D0%B0&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://student-auto.ru
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.250.119
HTTP/2 302 Found
location: /watch/54247729/1?wmode=7&page-url=https%3A%2F%2Fstudent-auto.ru%2F.well-known%2F2021%2Fusps%2Fverification&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A2212%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A259205325255%3Ahid%3A384103557%3Az%3A0%3Ai%3A20221004163618%3Aet%3A1664901378%3Ac%3A1%3Arn%3A591159551%3Arqn%3A1%3Au%3A1664901378254025366%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C66%2C1349%2C1%2C484%2C0%2C%2C317%2C10%2C%2C%2C%2C2224%3Ans%3A1664901375518%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664901378%3At%3A%D0%92%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B0%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20-%20%D0%A1%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B0%D0%B2%D1%82%D0%BE%D1%88%D0%BA%D0%BE%D0%BB%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 04 Oct 2022 16:36:19 GMT
access-control-allow-origin: https://student-auto.ru
set-cookie: yandexuid=5391981331664901379; Expires=Wed, 04-Oct-2023 16:36:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=5391981331664901379; Expires=Wed, 04-Oct-2023 16:36:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=1197946521664901379; Path=/; SameSite=None; Secure i=RPFFeY7osz57G+Rq3/rxzqkWluqjBAAOTSzminzO4lGqjz24ymsgcFJhRH2SuYpjs8exrP0qV/Wm1G+FwavEhuQVteY=; Expires=Fri, 01-Oct-2032 16:36:15 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1696437379.yrts.1664901379#1696437379.yrtsi.1664901379; Expires=Wed, 04-Oct-2023 16:36:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 16:36:19 GMT
last-modified: Tue, 04-Oct-2022 16:36:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
GET /wp-content/themes/univer/css/style.css HTTP/1.1
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
82.202.170.188
HTTP/2 200 OK
content-type: text/css
server: ddos-guard
date: Tue, 04 Oct 2022 16:36:18 GMT
last-modified: Mon, 03 Jun 2019 08:20:47 GMT
etag: W/"5cf4d85f-1006c"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
GET /2.1/?lang=ru_RU&ver=4.8 HTTP/1.1
Host: api-maps.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
87.250.251.134
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
timing-allow-origin: *
content-disposition: attachment; filename=json.txt
vary: Accept-Encoding, Origin
date: Tue, 04 Oct 2022 16:36:18 GMT
access-control-allow-origin: *
x-content-type-options: nosniff, nosniff
set-cookie: _yasc=sgeVUnh5ZSjy4FwNrC/bzthnE8czYaZikaeHCoDELmm2Iw==; domain=.yandex.ru; path=/; expires=Thu, 03-Nov-2022 16:36:18 GMT; secure i=AtFLW4H2KWriJf/3SpN7/Vo8S2dco5rMuN8uNYgOkCQCdlmweB9k5Rn6K0dBKnoo+ynigNinOf1g8tECpkwSnaAsOH8=; Expires=Thu, 03-Oct-2024 16:36:18 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
x-xss-protection: 1; mode=block
x-lighttpd-locale: ru_RU
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
GET /wp-content/themes/univer/css/reset.css HTTP/1.1
Host: student-auto.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-auto.ru/.well-known/2021/usps/verification
Cookie: __ddg1_=iPPOMUAia6Qjv0oAyyof
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
82.202.170.188
HTTP/2 200 OK
content-type: text/css
server: ddos-guard
date: Tue, 04 Oct 2022 16:36:18 GMT
last-modified: Sat, 17 Sep 2016 05:59:24 GMT
etag: W/"57dcdbbc-a18"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---