| btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo |  23.105.247.220 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/2btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
set-cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
content-length: 0
date: Thu, 18 Apr 2024 07:35:57 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| btl-agency.com/wp-content/uploads/themeisle-gutenberg/post-8066.css?ver=1693824557 | 23.105.247.220 | 200 OK | 0 B |
URL GET HTTP/3btl-agency.com/wp-content/uploads/themeisle-gutenberg/post-8066.css?ver=1693824557 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/themeisle-gutenberg/post-8066.css?ver=1693824557 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: text/css
last-modified: Mon, 04 Sep 2023 07:49:18 GMT
accept-ranges: bytes
content-length: 0
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/cache/autoptimize/css/autoptimize_9e6bf60cc2dfb942ff9ea482dc7d0d3e.css | 23.105.247.220 | 200 OK | 71 kB |
URL GET HTTP/3btl-agency.com/wp-content/cache/autoptimize/css/autoptimize_9e6bf60cc2dfb942ff9ea482dc7d0d3e.css IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeASCII text, with very long lines (64940) Hash8b28d646d8e98a97d22ead9675d221af 630c1f992a1c6b9d6d4ad05906b87396f40791b7 c350b161a1e7ed38daf3877a9c4dd7070d0ab5af99a8e0c6dcbe11dcd9539d66
GET /wp-content/cache/autoptimize/css/autoptimize_9e6bf60cc2dfb942ff9ea482dc7d0d3e.css HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=30672000,public, immutable
expires: Tue, 08 Apr 2025 07:35:58 GMT
content-type: text/css
last-modified: Thu, 25 Jan 2024 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 70732
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| btl-agency.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp | 23.105.247.220 | 200 OK | 33 kB |
URL GET HTTP/3btl-agency.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJavaScript source, ASCII text, with very long lines (31997) Hash49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: application/javascript
last-modified: Wed, 22 May 2019 07:05:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 32853
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
|
|
| btl-agency.com/wp-content/uploads/2024/02/IMG_20240206_110201-360x240.jpeg?v=1708516380 | 23.105.247.220 | 200 OK | 21 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2024/02/IMG_20240206_110201-360x240.jpeg?v=1708516380 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 360x240, components 3 Hash2db5c3a9dbb7cb869364d5814d825b83 279ed206bf168ef5cb97f31bec12c46e5305ffab 99f84e948cb0252c4cc809dc8c62e1f4ad12a17259a553cb7fcc583670747fec
GET /wp-content/uploads/2024/02/IMG_20240206_110201-360x240.jpeg?v=1708516380 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/jpeg
last-modified: Wed, 21 Feb 2024 11:53:03 GMT
accept-ranges: bytes
content-length: 21360
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2024/02/IMG_20240205_102211-360x240.jpg?v=1708002849 | 23.105.247.220 | 200 OK | 19 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2024/02/IMG_20240205_102211-360x240.jpg?v=1708002849 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 360x240, components 3 Hash69931cb8ee3c93209286eeb874ae1ec0 5da683f41da9c0411fb8b2248d4fb59b528cf27b dbdcde09f8fbcbde0aee5642e655c99abdf6abcc77a8da57bff24f196dca3b3e
GET /wp-content/uploads/2024/02/IMG_20240205_102211-360x240.jpg?v=1708002849 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/jpeg
last-modified: Thu, 15 Feb 2024 13:14:12 GMT
accept-ranges: bytes
content-length: 19215
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2018/09/logo_footer-1.png | 23.105.247.220 | 200 OK | 2.8 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2018/09/logo_footer-1.png IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typePNG image data, 150 x 110, 8-bit colormap, non-interlaced Hash66aaa798a736102914a10724f663ccab 4f18002fd8b746fd1caac662335502c1f15bb190 1668ece4028276372999235f0f5a4467f3900d68af14e745d1f283b3c7cb5f93
GET /wp-content/uploads/2018/09/logo_footer-1.png HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/png
last-modified: Wed, 26 Sep 2018 23:26:20 GMT
accept-ranges: bytes
content-length: 2768
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2018/09/logo_header-1.png | 23.105.247.220 | 200 OK | 1.4 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2018/09/logo_header-1.png IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typePNG image data, 65 x 48, 8-bit/color RGBA, non-interlaced Hashd6c641fd43404d3064247298ea41613d 12355cca841c6234ff7be9cbcd23b6e178651aef 26a680e54c5b3aa50e721f4bcb1ccea5aa798ddf3378e9fe776771bfef15a4bf
GET /wp-content/uploads/2018/09/logo_header-1.png HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/png
last-modified: Wed, 26 Sep 2018 19:29:47 GMT
accept-ranges: bytes
content-length: 1445
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2024/02/IMG-20240207-WA0003-360x240.jpg?v=1708003025 | 23.105.247.220 | 200 OK | 21 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2024/02/IMG-20240207-WA0003-360x240.jpg?v=1708003025 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 360x240, components 3 Hash5f9475cd295f869813f431b0a86851cf 5f4858914e04e8bfccc6d869db34b3b0d3cfda23 27bd74fdfd96be3355286610c0e7ead2996d0f8ce75807eee778bbbf0e697c23
GET /wp-content/uploads/2024/02/IMG-20240207-WA0003-360x240.jpg?v=1708003025 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/jpeg
last-modified: Thu, 15 Feb 2024 13:17:08 GMT
accept-ranges: bytes
content-length: 20725
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_161939.jpg?v=1693811329 | 23.105.247.220 | 200 OK | 185 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_161939.jpg?v=1693811329 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1366x1025, components 3 Size185 kB (185306 bytes) Hash167cd044c28bd017f8ee701843eb6925 6772002ed9942b82a67793e138352116fbc3aef4 645438a9ac8679f2bdfef01b83850b3032b2f29ccaa28e4dead2d30a119fc29b
GET /wp-content/uploads/2023/09/IMG_20230830_161939.jpg?v=1693811329 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:08:53 GMT
accept-ranges: bytes
content-length: 185306
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 |  216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33092, version 1.0 Hash057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:38:02 GMT
expires: Fri, 18 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 17876
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33092, version 1.0 Hash057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:38:02 GMT
expires: Fri, 18 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 17876
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 33092, version 1.0 Hash057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:38:02 GMT
expires: Fri, 18 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 17876
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| btl-agency.com/wp-content/cache/autoptimize/js/autoptimize_cc72f11bdc4ce5f9cb4d79c4f52d2413.js | 23.105.247.220 | 200 OK | 525 kB |
URL GET HTTP/3btl-agency.com/wp-content/cache/autoptimize/js/autoptimize_cc72f11bdc4ce5f9cb4d79c4f52d2413.js IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJavaScript source, ASCII text, with very long lines (16015) Size525 kB (525246 bytes) Hash065e3a50bf859a11e7891e6fd12b233d c20c75f04fc78900b5f0797bc24c8b7671d5d7c4 400214efd571156c7a8b54be7377a3f005523da876c8b3d7b924db2dfe80a624
GET /wp-content/cache/autoptimize/js/autoptimize_cc72f11bdc4ce5f9cb4d79c4f52d2413.js HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=30672000,public, immutable
expires: Tue, 08 Apr 2025 07:35:58 GMT
content-type: application/javascript
last-modified: Sat, 06 Apr 2024 10:34:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 | 216.58.207.227 | 200 OK | 21 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 IP216.58.207.227:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21288, version 1.0 Hashe648b4f809fa852297cf344248779163 ea6b174e3bca31d6d29b84ffbcbcc3749e47892e 637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:21:02 GMT
expires: Wed, 16 Apr 2025 03:21:02 GMT
cache-control: public, max-age=31536000
age: 188096
last-modified: Wed, 13 Sep 2023 22:43:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 | 216.58.207.227 | 200 OK | 21 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 IP216.58.207.227:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21288, version 1.0 Hashe648b4f809fa852297cf344248779163 ea6b174e3bca31d6d29b84ffbcbcc3749e47892e 637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:21:02 GMT
expires: Wed, 16 Apr 2025 03:21:02 GMT
cache-control: public, max-age=31536000
age: 188096
last-modified: Wed, 13 Sep 2023 22:43:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 | 216.58.207.227 | 200 OK | 21 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 IP216.58.207.227:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21288, version 1.0 Hashe648b4f809fa852297cf344248779163 ea6b174e3bca31d6d29b84ffbcbcc3749e47892e 637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:21:02 GMT
expires: Wed, 16 Apr 2025 03:21:02 GMT
cache-control: public, max-age=31536000
age: 188096
last-modified: Wed, 13 Sep 2023 22:43:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 | 216.58.207.227 | 200 OK | 21 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 IP216.58.207.227:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 21288, version 1.0 Hashe648b4f809fa852297cf344248779163 ea6b174e3bca31d6d29b84ffbcbcc3749e47892e 637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:21:02 GMT
expires: Wed, 16 Apr 2025 03:21:02 GMT
cache-control: public, max-age=31536000
age: 188096
last-modified: Wed, 13 Sep 2023 22:43:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_173624-375x500.jpg?v=1693811274 | 23.105.247.220 | 200 OK | 40 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_173624-375x500.jpg?v=1693811274 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 375x500, components 3 Hash3cfa240996f344e22291e7b45bc384cc 6c9dd8223f8876fd0541f6b7ca96fc3c67dd32f7 0ff4ce61d52e419f3d331faf905ca850cd5c7fd5dbe8b3765752da35f41e3044
GET /wp-content/uploads/2023/09/IMG_20230830_173624-375x500.jpg?v=1693811274 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:07:56 GMT
accept-ranges: bytes
content-length: 39792
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_170443-375x500.jpg?v=1693811279 | 23.105.247.220 | 200 OK | 38 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_170443-375x500.jpg?v=1693811279 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 375x500, components 3 Hash69ab3999b5cbf29fa541cb272017fddd 21783254e5ea0654505db134cb3be950d30319cf 7892e561b38d563172312fcb3ca742c0fd3a63fb4c81c625207c7a50ac716a1f
GET /wp-content/uploads/2023/09/IMG_20230830_170443-375x500.jpg?v=1693811279 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:08:02 GMT
accept-ranges: bytes
content-length: 38166
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_161939-500x375.jpg?v=1693811329 | 23.105.247.220 | 200 OK | 38 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_161939-500x375.jpg?v=1693811329 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 500x375, components 3 Hash048fbe9b322968140c1a4e84d3d55959 b6635e54da77d0e407ca5b1cbe51fba40ff6e383 ee27d32088d04728ae27063d39ba6a4647dd1793819aec86ac29e49bcaf92beb
GET /wp-content/uploads/2023/09/IMG_20230830_161939-500x375.jpg?v=1693811329 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:08:53 GMT
accept-ranges: bytes
content-length: 38491
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| w.uptolike.com/widgets/v1/uptolike.js | 95.163.114.204 | 200 OK | 8.3 kB |
URL GET HTTP/1.1w.uptolike.com/widgets/v1/uptolike.js IP95.163.114.204:443 ASN#12695 LLC Digital Network
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
File typeJavaScript source, ASCII text, with very long lines (565) Hash2784c76248e26562bcc47801da0c2b46 17db15fa5f7c7e4d5001bcef26add495b5dd6e3e c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2
GET /widgets/v1/uptolike.js HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:35:58 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=35534588484; Expires=Sat, 18 Apr 2026 07:35:58 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="; Expires=Sat, 18 Apr 2026 07:35:58 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=1800
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Expires: Thu, 18 Apr 2024 08:05:58 GMT
Content-Encoding: gzip
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_173624.jpg?v=1693811274 | 23.105.247.220 | 200 OK | 177 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_173624.jpg?v=1693811274 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1025x1366, components 3 Size177 kB (177410 bytes) Hashf6930eedc3c5a9999d68af81e2c9944f 27938a62dec3c234725f29775757a01eaf381b63 ab6fdb2a57562a79e0b5e949111faaa7b8670cb26ae86a90b4064c2f27c11931
GET /wp-content/uploads/2023/09/IMG_20230830_173624.jpg?v=1693811274 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:58 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:07:55 GMT
accept-ranges: bytes
content-length: 177410
date: Thu, 18 Apr 2024 07:35:58 GMT
server: LiteSpeed
vary: User-Agent
|
|
| start.apistatexperience.com/scripts/cdn.js |  193.163.7.113 | 200 OK | 176 kB |
URL GET HTTP/2start.apistatexperience.com/scripts/cdn.js IP193.163.7.113:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectstart.apistatexperience.com Fingerprint28:F5:CE:2A:08:2F:36:E5:98:B3:A5:EB:D8:E3:88:ED:80:5B:E8:BA ValidityFri, 01 Mar 2024 11:23:28 GMT - Thu, 30 May 2024 11:23:27 GMT
File typegzip compressed data, from Unix Size176 kB (176414 bytes) Hashdb511232ebb81c4fd6e8236ac00d34ae 87983fa5d423457333cab45ffc3f4916c2a78146 4882616b145b716826857f85f5a19af1653b8acd72c2e9d0d0b1014d59c08ca8
| Analyzer | Verdict | Alert |
|---|
| ThreatFox | malicious | Unknown malware | | Quad9 DNS | malicious | Sinkholed |
GET /scripts/cdn.js HTTP/1.1
Host: start.apistatexperience.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:35:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Mar 2024 16:10:12 GMT
vary: Accept-Encoding
etag: W/"65e5f264-2fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit | 142.250.74.164 | 200 OK | 666 B |
URL GET HTTP/2www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit IP142.250.74.164:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
File typeJavaScript source, ASCII text, with very long lines (987), with no line terminators Hash0a7f7d8f2d7103273b7b7fbd9c39681d 15ff99a34be63f55c08b851877fb3d51f1bf726e 01f77da39b8a66dda7ad23593d271e0f1e9f11264010c2b9c8029d108d274793
GET /recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Thu, 18 Apr 2024 07:35:58 GMT
date: Thu, 18 Apr 2024 07:35:58 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bind.bestresulttostart.com/scripts/statistics.js | 193.163.7.113 | 200 OK | 38 kB |
URL GET HTTP/2bind.bestresulttostart.com/scripts/statistics.js IP193.163.7.113:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectbestresulttostart.com FingerprintF4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C ValidityMon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File typegzip compressed data, from Unix Hash327cc38d995011d4a4ad426191a4e47e 71301161b75e42301523997ceebcb59087894f50 b6525760c44c9a928069264751b6f0ed1d167822ae66c2e74d19a3bb37c75e78
| Analyzer | Verdict | Alert |
|---|
| ThreatFox | malicious | Unknown malware | | mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
GET /scripts/statistics.js HTTP/1.1
Host: bind.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:35:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 09 Apr 2024 17:57:49 GMT
vary: Accept-Encoding
etag: W/"6615819d-35d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_162515-500x375.jpg?v=1693811319 | 23.105.247.220 | 200 OK | 37 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_162515-500x375.jpg?v=1693811319 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 500x375, components 3 Hash60c3d98f5b6d9d79d5f6bcf684776e4f 62b834968e5adb93cd89cc881d97b8d7f01bf9c5 c02de3fec2ee86d604f2a18edf17a293ee9bb5cf7e2e5d0fbdb20877a3b2d971
GET /wp-content/uploads/2023/09/IMG_20230830_162515-500x375.jpg?v=1693811319 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:59 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:08:42 GMT
accept-ranges: bytes
content-length: 36551
date: Thu, 18 Apr 2024 07:35:59 GMT
server: LiteSpeed
vary: User-Agent
|
|
| w.uptolike.com/widgets/v1/widgetsModule.js?v=1ea92d09c43527572b24fe052f11127b | 95.163.114.204 | 200 OK | 42 kB |
URL GET HTTP/1.1w.uptolike.com/widgets/v1/widgetsModule.js?v=1ea92d09c43527572b24fe052f11127b IP95.163.114.204:443 ASN#12695 LLC Digital Network
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
File typeJavaScript source, ASCII text, with very long lines (783) Hash240071471507256c22e1c44296895f56 5f6b2ca5e47eabb6d781c25a0444ef182eca9136 b88941280116e7a372f60983e6e34cc9aee1ff3ff1b48ff29602232ef0d03b77
GET /widgets/v1/widgetsModule.js?v=1ea92d09c43527572b24fe052f11127b HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Cookie: utl_id2=35534588484; utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:35:59 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 18 Apr 2024 08:05:59 GMT
Content-Encoding: gzip
|
|
| visit.startfinishthis.com/2L1mRj?q=btl-agency.com | 172.67.152.194 | 200 OK | 3.5 kB |
URL GET HTTP/2visit.startfinishthis.com/2L1mRj?q=btl-agency.com IP172.67.152.194:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subjectstartfinishthis.com FingerprintD5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C ValidityMon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
File typeJavaScript source, ASCII text, with very long lines (7750) Hash02b232562fac1f903859abaf066919c5 eb98b38e5e5af2127e333c0d91efd5f5d2299e0b 5268cd6ccfe14126dda3076f3b128ec20995afdb4875e0494880e71f1cb741d2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /2L1mRj?q=btl-agency.com HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:35:59 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 07:35:59 GMT
set-cookie: _subid=376l60jdtriso; expires=Sun, 19 May 2024 07:35:59 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTcxMzQyNTc1OX0sXCJjYW1wYWlnbnNcIjp7XCIxM1wiOjE3MTM0MjU3NTl9LFwidGltZVwiOjE3MTM0MjU3NTl9In0.8v768890dYBgOJKgkFzr7UINrH0619bRFGklTvLSKwo; expires=Fri, 05 Aug 2078 15:11:58 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkvAUq01bVoi7AzG%2BwX%2Bk79%2FAxap1ZO6F3kZ%2FEIcfxTPhFlwc%2Fsdsnu5VFnTa6Bh1BVIN5JiSpsMk2oc7KzoMchO1YF5FXFljuLQqDjKxNpOnqiQYHuesYQ9Dlparx7AJW8L57Vwi1uBDNIc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762fb32ac62568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| scripts.bestresulttostart.com/J3VHzg | 193.163.7.113 | 200 OK | 5.9 kB |
URL GET HTTP/2scripts.bestresulttostart.com/J3VHzg IP193.163.7.113:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectbestresulttostart.com FingerprintF4:4C:F5:1D:A8:B6:9F:52:11:56:EC:A1:D7:C6:98:DF:2E:96:E0:4C ValidityMon, 08 Apr 2024 08:36:22 GMT - Sun, 07 Jul 2024 08:36:21 GMT
File typeJavaScript source, ASCII text, with very long lines (13785) Hash58d15c8061659ef77d42e8c5d3ff4984 4fefb78331ee102e720c03a36265f3b286df3457 709f60c4e7be64193c1eff6aca024338e157da87200e114e84b061bfed693f98
| Analyzer | Verdict | Alert |
|---|
| ThreatFox | malicious | Unknown malware | | mnemonic secure dns | malicious | Sinkholed | | Quad9 DNS | malicious | Sinkholed |
GET /J3VHzg HTTP/1.1
Host: scripts.bestresulttostart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:35:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 5919
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2
|
|
| w.uptolike.com/widgets/v1/share-counter.html?1ea92d09c43527572b24fe052f11127b | 95.163.114.204 | 200 OK | 4.4 kB |
URL GET HTTP/1.1w.uptolike.com/widgets/v1/share-counter.html?1ea92d09c43527572b24fe052f11127b IP95.163.114.204:443 ASN#12695 LLC Digital Network
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
File typeHTML document, ASCII text, with very long lines (585) Hashaad7f2e781d3d7186c012ae563148344 92f817d5afe4b1ef26151a615f6081601b67af29 97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8
GET /widgets/v1/share-counter.html?1ea92d09c43527572b24fe052f11127b HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Cookie: utl_id2=35534588484; utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:35:59 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 18 Apr 2024 08:05:59 GMT
Content-Encoding: gzip
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_174150-500x375.jpg?v=1693811267 | 23.105.247.220 | 200 OK | 40 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_174150-500x375.jpg?v=1693811267 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 500x375, components 3 Hash9c143e6fe50464b812db07cabed7feb2 2ab467319c6ecfe8ccc12c294460b1252dd1c078 e6001af8d873e82d7fb6a3fa5716a3e2ba96f40a89cbb752ad6c7e937a3cb42a
GET /wp-content/uploads/2023/09/IMG_20230830_174150-500x375.jpg?v=1693811267 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:59 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:07:50 GMT
accept-ranges: bytes
content-length: 39770
date: Thu, 18 Apr 2024 07:35:59 GMT
server: LiteSpeed
vary: User-Agent
|
|
| w.uptolike.com/widgets/v1/impression.html?1ea92d09c43527572b24fe052f11127b | 95.163.114.204 | 200 OK | 624 B |
URL GET HTTP/1.1w.uptolike.com/widgets/v1/impression.html?1ea92d09c43527572b24fe052f11127b IP95.163.114.204:443 ASN#12695 LLC Digital Network
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
File typeHTML document, ASCII text, with very long lines (511) Hash16542324cd2eaf3768c55519eaf856ce ce93dc8677e21093b31e45b645e82e5b64d5dc52 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
GET /widgets/v1/impression.html?1ea92d09c43527572b24fe052f11127b HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Cookie: utl_id2=35534588484; utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:35:59 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 18 Apr 2024 08:05:59 GMT
Content-Encoding: gzip
|
|
| w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyY21zYnRsYWdlbmN5Y29tJTIyJTJDJTIydXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZidGwtYWdlbmN5LmNvbSUyRjIwMjMlMkYwOSUyRnByb21vLWFrY2l5YS1vdC1rb211cy12LXRjLWt2YXJ0YWwtZG9tb2RlZG92byUyRiUyMiU3RCU1RA==&mode=0&callback=callback__utl_cb_share_1713425759596364 | 95.163.114.204 | 200 OK | 405 B |
URL GET HTTP/1.1w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyY21zYnRsYWdlbmN5Y29tJTIyJTJDJTIydXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZidGwtYWdlbmN5LmNvbSUyRjIwMjMlMkYwOSUyRnByb21vLWFrY2l5YS1vdC1rb211cy12LXRjLWt2YXJ0YWwtZG9tb2RlZG92byUyRiUyMiU3RCU1RA==&mode=0&callback=callback__utl_cb_share_1713425759596364 IP95.163.114.204:443 ASN#12695 LLC Digital Network
Requested byhttps://w.uptolike.com/widgets/v1/share-counter.html?1ea92d09c43527572b24fe052f11127b CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
File typeASCII text, with very long lines (374) Hash1a62a84c820af9c56b48adfeb5cf4fa8 96bccf1c6c58b020d052ac790800276f4b9bfa7c f76f7d2a81b127510041ed25c1de4cfc931321a779cbf18407e8da7d05ec5991
GET /widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyY21zYnRsYWdlbmN5Y29tJTIyJTJDJTIydXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZidGwtYWdlbmN5LmNvbSUyRjIwMjMlMkYwOSUyRnByb21vLWFrY2l5YS1vdC1rb211cy12LXRjLWt2YXJ0YWwtZG9tb2RlZG92byUyRiUyMiU3RCU1RA==&mode=0&callback=callback__utl_cb_share_1713425759596364 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?1ea92d09c43527572b24fe052f11127b
Cookie: utl_id2=35534588484; utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:35:59 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 12 Apr 2024 18:48:30 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip
|
|
| w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231322 | 95.163.114.204 | 200 OK | 9.4 kB |
URL GET HTTP/1.1w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231322 IP95.163.114.204:443 ASN#12695 LLC Digital Network
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
File typeWeb Open Font Format, TrueType, length 9432, version 0.0 Hash4fa32c8069573a8caa28c5dc9e370b2e 3cd776adbc6614ec2f2b99e26f4ebda3b3a956e6 80cafb0980698adad869f76e5b9529b6de350713f25f7fc305306939ac8b7445
GET /static/buttons/fonts/icomoon.woff?qq11232333=1232131231322 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:35:59 GMT
Content-Type: font/woff
Content-Length: 9432
Connection: keep-alive
Last-Modified: Wed, 06 Dec 2023 14:45:31 GMT
ETag: "6570890b-24d8"
Expires: Wed, 05 Jun 2024 07:40:36 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| visit.startfinishthis.com/2L1mRj?q=btl-agency.com | 172.67.152.194 | 200 OK | 3.5 kB |
URL GET HTTP/2visit.startfinishthis.com/2L1mRj?q=btl-agency.com IP172.67.152.194:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subjectstartfinishthis.com FingerprintD5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C ValidityMon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
File typeJavaScript source, ASCII text, with very long lines (7750) Hash02b232562fac1f903859abaf066919c5 eb98b38e5e5af2127e333c0d91efd5f5d2299e0b 5268cd6ccfe14126dda3076f3b128ec20995afdb4875e0494880e71f1cb741d2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /2L1mRj?q=btl-agency.com HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:35:59 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 07:35:59 GMT
set-cookie: _subid=376l60jdtritv; expires=Sun, 19 May 2024 07:35:59 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTcxMzQyNTc1OX0sXCJjYW1wYWlnbnNcIjp7XCIxM1wiOjE3MTM0MjU3NTl9LFwidGltZVwiOjE3MTM0MjU3NTl9In0.8v768890dYBgOJKgkFzr7UINrH0619bRFGklTvLSKwo; expires=Fri, 05 Aug 2078 15:11:58 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDxHX06CWvZz5SviDClreh1cM5%2F52qZs89QwVPdo0gm2F2jau6DSw4lFvGVw5T9dvqWh43qjq4TiEb8qPLEO8BSPtoYo7rY%2Fbi9I1FHxJYG0AY2Bi7r9rgAErhfJMQg87we0LV72seujgcD7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762fb351fd3b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| w.uptolike.com/widgets/v1/imp?pid=cmsbtlagencycom&url=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F&vp=9fbadc21-710a-494e-a9c5-eae56b9cb22f&ttl=JUQwJTlGJUQxJTgwJUQwJUJFJUQwJUJDJUQwJUJFLSVEMCVCMCVEMCVCQSVEMSU4NiVEMCVCOCVEMSU4RiUyMCVEMCVCRSVEMSU4MiUyMCVEMCU5QSVEMCVCRSVEMCVCQyVEMSU4MyVEMSU4MSUyMCVEMCVCMiUyMCVEMCVBMiVEMCVBNiUyMCVEMCU5QSVEMCVCMiVEMCVCMCVEMSU4MCVEMSU4MiVEMCVCMCVEMCVCQiUyQyUyMCVEMCU5NCVEMCVCRSVEMCVCQyVEMCVCRSVEMCVCNCVEMCVCNSVEMCVCNCVEMCVCRSVEMCVCMiVEMCVCRSUyMC0lMjBGaXZlJTIwUHJvbW90aW9uJTIwLSUyMEJUTCUyMCVEMCVCMCVEMCVCMyVEMCVCNSVEMCVCRCVEMSU4MiVEMSU4MSVEMSU4MiVEMCVCMiVEMCVCRSUyMCVEMCVCMiUyMCVEMCU5QyVEMCVCRSVEMSU4MSVEMCVCQSVEMCVCMiVEMCVCNQ%3D%3D&rnd=0.2531481052917558 | 95.163.114.204 | 204 No Content | 0 B |
URL GET HTTP/1.1w.uptolike.com/widgets/v1/imp?pid=cmsbtlagencycom&url=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F&vp=9fbadc21-710a-494e-a9c5-eae56b9cb22f&ttl=JUQwJTlGJUQxJTgwJUQwJUJFJUQwJUJDJUQwJUJFLSVEMCVCMCVEMCVCQSVEMSU4NiVEMCVCOCVEMSU4RiUyMCVEMCVCRSVEMSU4MiUyMCVEMCU5QSVEMCVCRSVEMCVCQyVEMSU4MyVEMSU4MSUyMCVEMCVCMiUyMCVEMCVBMiVEMCVBNiUyMCVEMCU5QSVEMCVCMiVEMCVCMCVEMSU4MCVEMSU4MiVEMCVCMCVEMCVCQiUyQyUyMCVEMCU5NCVEMCVCRSVEMCVCQyVEMCVCRSVEMCVCNCVEMCVCNSVEMCVCNCVEMCVCRSVEMCVCMiVEMCVCRSUyMC0lMjBGaXZlJTIwUHJvbW90aW9uJTIwLSUyMEJUTCUyMCVEMCVCMCVEMCVCMyVEMCVCNSVEMCVCRCVEMSU4MiVEMSU4MSVEMSU4MiVEMCVCMiVEMCVCRSUyMCVEMCVCMiUyMCVEMCU5QyVEMCVCRSVEMSU4MSVEMCVCQSVEMCVCMiVEMCVCNQ%3D%3D&rnd=0.2531481052917558 IP95.163.114.204:443 ASN#12695 LLC Digital Network
Requested byhttps://w.uptolike.com/widgets/v1/impression.html?1ea92d09c43527572b24fe052f11127b CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/v1/imp?pid=cmsbtlagencycom&url=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F&vp=9fbadc21-710a-494e-a9c5-eae56b9cb22f&ttl=JUQwJTlGJUQxJTgwJUQwJUJFJUQwJUJDJUQwJUJFLSVEMCVCMCVEMCVCQSVEMSU4NiVEMCVCOCVEMSU4RiUyMCVEMCVCRSVEMSU4MiUyMCVEMCU5QSVEMCVCRSVEMCVCQyVEMSU4MyVEMSU4MSUyMCVEMCVCMiUyMCVEMCVBMiVEMCVBNiUyMCVEMCU5QSVEMCVCMiVEMCVCMCVEMSU4MCVEMSU4MiVEMCVCMCVEMCVCQiUyQyUyMCVEMCU5NCVEMCVCRSVEMCVCQyVEMCVCRSVEMCVCNCVEMCVCNSVEMCVCNCVEMCVCRSVEMCVCMiVEMCVCRSUyMC0lMjBGaXZlJTIwUHJvbW90aW9uJTIwLSUyMEJUTCUyMCVEMCVCMCVEMCVCMyVEMCVCNSVEMCVCRCVEMSU4MiVEMSU4MSVEMSU4MiVEMCVCMiVEMCVCRSUyMCVEMCVCMiUyMCVEMCU5QyVEMCVCRSVEMSU4MSVEMCVCQSVEMCVCMiVEMCVCNQ%3D%3D&rnd=0.2531481052917558 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/impression.html?1ea92d09c43527572b24fe052f11127b
Cookie: utl_id2=35534588484; utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 18 Apr 2024 07:35:59 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
|
|
| btl-agency.com/wp-content/uploads/2018/09/round_logo_five_promotion_200px.png | 23.105.247.220 | 200 OK | 4.0 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2018/09/round_logo_five_promotion_200px.png IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typePNG image data, 200 x 200, 8-bit colormap, non-interlaced Hashd63e64d47809e6b41bce791741dcde51 9f11208c8c538fe83b490adf861b565e07f03443 cb6cdfc17b03853769d3b7238d368222e86560ab297b3b62a80e3f102504869e
GET /wp-content/uploads/2018/09/round_logo_five_promotion_200px.png HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:59 GMT
content-type: image/png
last-modified: Tue, 18 Sep 2018 20:56:10 GMT
accept-ranges: bytes
content-length: 3977
date: Thu, 18 Apr 2024 07:35:59 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2018/09/round_logo_five_promotion_200px-150x150.png | 23.105.247.220 | 200 OK | 7.0 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2018/09/round_logo_five_promotion_200px-150x150.png IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced Hash986343de415133dcc8b7f3633205d5ef f5f5c8088af48e20fda2fb79011e1a528c963f78 91d0930708ff269b293c7f1185529f7941cc9e804f8472710cc2ffd096981cb1
GET /wp-content/uploads/2018/09/round_logo_five_promotion_200px-150x150.png HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:59 GMT
content-type: image/png
last-modified: Tue, 18 Sep 2018 20:56:10 GMT
accept-ranges: bytes
content-length: 6997
date: Thu, 18 Apr 2024 07:35:59 GMT
server: LiteSpeed
vary: User-Agent
|
|
| www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js | 142.250.74.35 | 200 OK | 203 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (554) Size203 kB (203369 bytes) Hashe9ccb3dbde79ba5ffdf9cad4b32d59fd 3a8cd67adc7c885bdf683f1e7f491e6a4a50679f 8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137
GET /recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 203369
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 02:30:15 GMT
expires: Sun, 13 Apr 2025 02:30:15 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 450344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| w.uptolike.com/widgets/v1/extra.js?rnd=0.660473227228267 | 95.163.114.203 | 200 OK | 1.9 kB |
URL GET HTTP/1.1w.uptolike.com/widgets/v1/extra.js?rnd=0.660473227228267 IP95.163.114.203:443 ASN#12695 LLC Digital Network
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
File typeJavaScript source, ASCII text, with very long lines (702) Hashacd71f7a0b077016ca1c909170ae2cb1 a907a1b31156d04effdd67e3e401e9e67b84a882 bd8526786ae1ec8381d4d70c5a4db4ed1045674cc70244136b6608dcab749795
GET /widgets/v1/extra.js?rnd=0.660473227228267 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Cookie: utl_id2=35534588484; utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:35:59 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 12 Apr 2024 18:48:30 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=35534588484; Expires=Sat, 18 Apr 2026 07:35:59 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="; Expires=Sat, 18 Apr 2026 07:35:59 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
|
|
| progresschecker.ru/check/ | 62.109.4.88 | 200 OK | 3 B |
URL GET HTTP/1.1progresschecker.ru/check/ IP62.109.4.88:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectprogresschecker.ru Fingerprint1B:48:D5:04:67:BD:D4:09:1B:4C:78:E0:F4:AF:64:E0:0A:B0:75:DD ValidityFri, 12 Apr 2024 16:14:37 GMT - Thu, 11 Jul 2024 16:14:36 GMT
Hashb519d08ef66fd54910edbedba6181ec2 8d06436c33a3086259f2f1ccaf03425707eeff17 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
GET /check/ HTTP/1.1
Host: progresschecker.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.4
Date: Thu, 18 Apr 2024 07:36:00 GMT
Content-Type: application/javascript
Content-Length: 3
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Thursday, 18-Apr-2024 07:36:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
|
|
| af.click.ru/collect_stat.js | 217.197.112.80 | 200 OK | 913 B |
URL GET HTTP/1.1af.click.ru/collect_stat.js IP217.197.112.80:443 ASN#20655 e-Style ISP LLC
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.click.ru Fingerprint25:76:82:72:8F:0B:FE:0F:5A:DD:BF:E4:63:4B:73:CC:4E:62:26:32 ValidityTue, 30 Jan 2024 09:48:16 GMT - Mon, 29 Apr 2024 09:48:15 GMT
File typeJavaScript source, ASCII text Hash9531806d16d72f9659eaab01bd09689b 7640f092c2b928c614bb46251477a3c80b3e820b a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
GET /collect_stat.js HTTP/1.1
Host: af.click.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:36:00 GMT
Content-Type: application/javascript
Content-Length: 913
Last-Modified: Fri, 18 Nov 2022 09:50:15 GMT
Connection: keep-alive
ETag: "63775557-391"
Accept-Ranges: bytes
|
|
| static.trustlink.ru/marking.js | 95.163.111.160 | 200 OK | 2.1 kB |
URL GET HTTP/1.1static.trustlink.ru/marking.js IP95.163.111.160:443 ASN#12695 LLC Digital Network
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectstatic.trustlink.ru Fingerprint35:FB:2C:B6:2A:91:26:08:21:63:4A:13:C1:53:2D:0D:EC:D6:1E:DB ValiditySat, 23 Mar 2024 21:10:26 GMT - Fri, 21 Jun 2024 21:10:25 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hash84e9457542822d48082d57fa1bed8719 26953e24199a95f0057a831113675cef9563714b e141a7468c01925b15e895fdd4c65e44b8366d6f9a5be9484487ea358d215acf
GET /marking.js HTTP/1.1
Host: static.trustlink.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.2.6
Date: Thu, 18 Apr 2024 07:36:00 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 25 Jan 2024 13:24:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| w.uptolike.com/widgets/v1/zp/support.html | 95.163.114.204 | 200 OK | 3.8 kB |
URL GET HTTP/1.1w.uptolike.com/widgets/v1/zp/support.html IP95.163.114.204:443 ASN#12695 LLC Digital Network
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
File typeHTML document, ASCII text Hash12d34599a0aa7c7d32aebada7b15e06d b0c3e03792d85edff500693eaf5e5d80e4a4e70b dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
GET /widgets/v1/zp/support.html HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Cookie: utl_id2=35534588484; utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:36:00 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 18 Apr 2024 08:06:00 GMT
Content-Encoding: gzip
|
|
| api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1713425760886848 |  2.18.172.195 | 200 OK | 148 B |
URL GET HTTP/2api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1713425760886848 IP2.18.172.195:443
Requested byhttps://w.uptolike.com/widgets/v1/share-counter.html?1ea92d09c43527572b24fe052f11127b CertificateIssuerDigiCert Inc Subject*.pinterest.com Fingerprint8E:D1:BC:9A:53:E5:51:57:5E:48:5E:22:82:8C:60:F8:74:F0:08:AC ValidityMon, 07 Aug 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashff691b3012fbc31180b0a0cd9757233e 514effb99b84459f1ff0b62136e68d13eed1dcdf f2aed23302c4fa88de15e73405a33d1e26f7e58eb12b3e2f063a6e4e1515a2f4
GET /v1/urls/count.json?&url=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1713425760886848 HTTP/1.1
Host: api.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
content-length: 148
expires: Thu, 18 Apr 2024 07:51:01 GMT
x-envoy-upstream-service-time: 3
cache-control: no-cache, no-store, must-revalidate
x-pinterest-rid: 9595300702806559
date: Thu, 18 Apr 2024 07:36:01 GMT
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
akamai-grn: 0.540a655f.1713425761.b6180e7
x-cdn: akamai
X-Firefox-Spdy: h2
|
|
| api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F&callback=callback__utl_cb_share_171342576088566 | 2.18.172.195 | 200 OK | 137 B |
URL GET HTTP/2api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F&callback=callback__utl_cb_share_171342576088566 IP2.18.172.195:443
Requested byhttps://w.uptolike.com/widgets/v1/share-counter.html?1ea92d09c43527572b24fe052f11127b CertificateIssuerDigiCert Inc Subject*.pinterest.com Fingerprint8E:D1:BC:9A:53:E5:51:57:5E:48:5E:22:82:8C:60:F8:74:F0:08:AC ValidityMon, 07 Aug 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash49cc2486953daa4cce5087f5d05967c2 06fb2abb4e7ee3fb66a23d7a9492226773271209 18be44b54da3079d794de61bca7f0f9e2f1a0f0630162ca3a6308296ce8ded66
GET /v1/urls/count.json?&url=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F&callback=callback__utl_cb_share_171342576088566 HTTP/1.1
Host: api.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
content-length: 137
expires: Thu, 18 Apr 2024 07:51:01 GMT
x-envoy-upstream-service-time: 2
cache-control: no-cache, no-store, must-revalidate
x-pinterest-rid: 1495103280476587
date: Thu, 18 Apr 2024 07:36:01 GMT
alt-svc: h3=":443"; ma=600
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
akamai-grn: 0.540a655f.1713425761.b6180e6
x-cdn: akamai
X-Firefox-Spdy: h2
|
|
| connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F%3F_utl_t%3Dok&callback=callback__utl_cb_share_1713425760882355 | 217.20.152.207 | 200 OK | 6.1 kB |
URL GET HTTP/2connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F%3F_utl_t%3Dok&callback=callback__utl_cb_share_1713425760882355 IP217.20.152.207:443
Requested byhttps://w.uptolike.com/widgets/v1/share-counter.html?1ea92d09c43527572b24fe052f11127b CertificateIssuerGlobalSign nv-sa Subject*.ok.ru Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3 ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File typeASCII text, with no line terminators Hash32b1ea77432373a4e0244a5233a52d5b 5d3db390a16ddca066c449672c5bacbde793eda9 48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
GET /dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo%2F%3F_utl_t%3Dok&callback=callback__utl_cb_share_1713425760882355 HTTP/1.1
Host: connect.ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: apache
date: Thu, 18 Apr 2024 07:36:01 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=-8995564522690242841; Max-Age=2147483647; Expires=Tue, 06 May 2092 10:50:08 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
_statid=f2a13169-d6fc-4e2c-80f3-9c56201d4b51; Max-Age=2147483647; Expires=Tue, 06 May 2092 10:50:08 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
landref=w.uptolike.com; Domain=ok.ru; Path=/; Secure
__last_online=1713425761057; Max-Age=2147483647; Expires=Tue, 06 May 2092 10:50:08 GMT; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-origin: *
access-control-allow-credentials: true
rendered-blocks: WidgetExtLike
x-client-flags: ms:0;dcss:0
x-stateid: extLike
content-encoding: br
X-Firefox-Spdy: h2
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_165205-375x500.jpg?v=1693811286 | 23.105.247.220 | 200 OK | 41 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_165205-375x500.jpg?v=1693811286 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 375x500, components 3 Hash266baebcd835956eb462a09f3f897692 46979ecd78ca71a14e49cdc63621ae81d8ef276d 568f542e4abed906f7ce838c2467f871beedac0bc4c1ae5ec9eb7493b39f68df
GET /wp-content/uploads/2023/09/IMG_20230830_165205-375x500.jpg?v=1693811286 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:36:18 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:08:08 GMT
accept-ranges: bytes
content-length: 41120
date: Thu, 18 Apr 2024 07:36:18 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_164729-500x375.jpg?v=1693811299 | 23.105.247.220 | 200 OK | 40 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_164729-500x375.jpg?v=1693811299 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 500x375, components 3 Hash45e29feaf8695aadad6b0700ed45ed4d 9b0c1bdfc5b80c8db8f4ad323d1bad457ca9e812 656c2e285fd7246a6c97ee84fb87f135becece2870002d89a342f73a7bed898c
GET /wp-content/uploads/2023/09/IMG_20230830_164729-500x375.jpg?v=1693811299 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:36:18 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:08:21 GMT
accept-ranges: bytes
content-length: 40289
date: Thu, 18 Apr 2024 07:36:18 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_164656-375x500.jpg?v=1693811293 | 23.105.247.220 | 200 OK | 40 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_164656-375x500.jpg?v=1693811293 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 375x500, components 3 Hash0fe5abd693f434056d1e8c274728eb61 2df8887e1c99ea3e2e373e9ce7a05b7566998154 c4fd37bc55cbd9ed833ed6c27927530b6b0a5b6407871981f015d8389648eb13
GET /wp-content/uploads/2023/09/IMG_20230830_164656-375x500.jpg?v=1693811293 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:36:18 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:08:15 GMT
accept-ranges: bytes
content-length: 39622
date: Thu, 18 Apr 2024 07:36:18 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2018/09/round_logo_five_promotion_200px.png | 23.105.247.220 | 200 OK | 4.0 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2018/09/round_logo_five_promotion_200px.png IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typePNG image data, 200 x 200, 8-bit colormap, non-interlaced Hashd63e64d47809e6b41bce791741dcde51 9f11208c8c538fe83b490adf861b565e07f03443 cb6cdfc17b03853769d3b7238d368222e86560ab297b3b62a80e3f102504869e
GET /wp-content/uploads/2018/09/round_logo_five_promotion_200px.png HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:36:18 GMT
content-type: image/png
last-modified: Tue, 18 Sep 2018 20:56:10 GMT
accept-ranges: bytes
content-length: 3977
date: Thu, 18 Apr 2024 07:36:18 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2018/09/round_logo_five_promotion_200px-150x150.png | 23.105.247.220 | 200 OK | 7.0 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2018/09/round_logo_five_promotion_200px-150x150.png IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced Hash986343de415133dcc8b7f3633205d5ef f5f5c8088af48e20fda2fb79011e1a528c963f78 91d0930708ff269b293c7f1185529f7941cc9e804f8472710cc2ffd096981cb1
GET /wp-content/uploads/2018/09/round_logo_five_promotion_200px-150x150.png HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:36:18 GMT
content-type: image/png
last-modified: Tue, 18 Sep 2018 20:56:10 GMT
accept-ranges: bytes
content-length: 6997
date: Thu, 18 Apr 2024 07:36:18 GMT
server: LiteSpeed
vary: User-Agent
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_162504-375x500.jpg?v=1693811309 | 23.105.247.220 | 200 OK | 32 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_162504-375x500.jpg?v=1693811309 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 375x500, components 3 Hash32757cedd21994d9c568d968c951a05c 0aca780d9521545a655296e4d37d76f1aa3e55a8 de0e9c0666579c90b08f315e4c2588650f3fe373cc9cfe9324e1b0a54f6deaa1
GET /wp-content/uploads/2023/09/IMG_20230830_162504-375x500.jpg?v=1693811309 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:59 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:08:34 GMT
accept-ranges: bytes
content-length: 32082
date: Thu, 18 Apr 2024 07:35:59 GMT
server: LiteSpeed
vary: User-Agent
|
|
| fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C700&subset=latin&ver=5.4.15 | 142.250.74.170 | 200 OK | 6.9 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C700&subset=latin&ver=5.4.15 IP142.250.74.170:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (7040), with no line terminators Hashe26c579cdd3169c455a431d0080de510 af6d93d8fc28a475b7444127595d8c1415b8fe47 dedd9f4bbc628d3ce3d77ee06d6a8838bf57a04e1b3dfa427503f4648fc85d34
GET /css?family=Montserrat%3A300%2C400%2C500%2C700&subset=latin&ver=5.4.15 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 07:35:58 GMT
date: Thu, 18 Apr 2024 07:35:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_17134257589842 | 95.163.114.204 | 200 OK | 68 B |
URL GET HTTP/1.1w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_17134257589842 IP95.163.114.204:443 ASN#12695 LLC Digital Network
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subjectuptolike.com FingerprintBA:DA:00:74:CA:B0:8D:E0:90:EA:99:66:66:8F:19:0D:4E:2C:F2:5E ValiditySun, 25 Feb 2024 14:22:24 GMT - Sat, 25 May 2024 14:22:23 GMT
File typeASCII text, with no line terminators Hash4d284928b8ec41bb7bfcfcde2e96f12f 9c9933d9c400a06af1cca6a1f688e0fbe1e8e914 866ea48f74c0826394fcdb252c2797bbfe209db8920e81174b2e6d89b02f74c1
GET /widgets/v1/version.js?cb=cb__utl_cb_share_17134257589842 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Cookie: utl_id2=35534588484; utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 07:35:59 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Fri, 12 Apr 2024 18:48:30 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=35534588484; Expires=Sat, 18 Apr 2026 07:35:59 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CKD1iIHvMRAAIKDG04nvMSigxtOJ7zEwANnVPV99pbwLMSuhzV0e03Y="; Expires=Sat, 18 Apr 2026 07:35:59 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
|
|
| connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo&callback=callback__utl_cb_share_1713425760881892 | 217.20.152.207 | 200 OK | 25 B |
URL GET HTTP/2connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo&callback=callback__utl_cb_share_1713425760881892 IP217.20.152.207:443
Requested byhttps://w.uptolike.com/widgets/v1/share-counter.html?1ea92d09c43527572b24fe052f11127b CertificateIssuerGlobalSign nv-sa Subject*.ok.ru Fingerprint66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3 ValidityWed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File typeASCII text, with no line terminators Hash32b1ea77432373a4e0244a5233a52d5b 5d3db390a16ddca066c449672c5bacbde793eda9 48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
GET /dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fbtl-agency.com%2F2023%2F09%2Fpromo-akciya-ot-komus-v-tc-kvartal-domodedovo&callback=callback__utl_cb_share_1713425760881892 HTTP/1.1
Host: connect.ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: apache
date: Thu, 18 Apr 2024 07:36:01 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=-4673047639493889579; Max-Age=2147483647; Expires=Tue, 06 May 2092 10:50:08 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
_statid=fe18da98-db6c-4020-86d0-fec33e135882; Max-Age=2147483647; Expires=Tue, 06 May 2092 10:50:08 GMT; Domain=ok.ru; Path=/; Secure; HttpOnly
landref=w.uptolike.com; Domain=ok.ru; Path=/; Secure
__last_online=1713425761089; Max-Age=2147483647; Expires=Tue, 06 May 2092 10:50:08 GMT; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-origin: *
access-control-allow-credentials: true
rendered-blocks: WidgetExtLike
x-client-flags: ms:0;dcss:0
x-stateid: extLike
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.1 | 142.250.74.170 | 200 OK | 13 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.1 IP142.250.74.170:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash54cc73ec30157d3ab7759fb400544cfa e90d7ae2693bbb737a6ced0e01522f3427224bb7 03f49bc3f6df2b29b5f27068bfb8e8ddd16525132543c96e0e77bec8f76a600d
GET /css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&subset=latin%2Clatin-ext&ver=3.0.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 07:35:58 GMT
date: Thu, 18 Apr 2024 07:35:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| visit.startfinishthis.com/fGGy8K | 172.67.152.194 | 200 OK | 0 B |
URL GET HTTP/2visit.startfinishthis.com/fGGy8K IP172.67.152.194:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subjectstartfinishthis.com FingerprintD5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C ValidityMon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /fGGy8K HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:35:59 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 07:35:59 GMT
set-cookie: _subid=376l60jdtrit7; expires=Sun, 19 May 2024 07:35:59 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ1XCI6MTcxMzQyNTc1OX0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE3MTM0MjU3NTl9LFwidGltZVwiOjE3MTM0MjU3NTl9In0.N8U7T33XBVD08aoJna7c-DqTC3dokebaGBy3KtTra44; expires=Fri, 05 Aug 2078 03:11:58 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDu7OLp3hTEQi2%2Bwg2XfrPwZKzKNdUM2rNmOo6%2F%2B7WE85WZfHKfvGodaPFC4PgOrc5Y9Vo%2BWSuwOXzbZcqsUb1fCB99aZOmHEZQJpwefK0FAoQ6Dv3L5JEBD2YSVGsGGP9lG%2B5jz0E9%2BE0gg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762fb33adfe568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ | 23.105.247.220 | 200 OK | 75 kB |
URL User Request GET HTTP/2btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
link: <https://btl-agency.com/wp-json/>; rel="https://api.w.org/", <https://btl-agency.com/?p=8066>; rel=shortlink
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Thu, 18 Apr 2024 07:35:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
|
|
| visit.startfinishthis.com/fGGy8K | 172.67.152.194 | 200 OK | 0 B |
URL GET HTTP/3visit.startfinishthis.com/fGGy8K IP172.67.152.194:443
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerGoogle Trust Services LLC Subjectstartfinishthis.com FingerprintD5:E5:97:E4:E8:D4:53:86:B2:E1:D7:EF:F4:69:83:94:C6:46:E9:8C ValidityMon, 04 Mar 2024 14:59:39 GMT - Sun, 02 Jun 2024 14:59:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /fGGy8K HTTP/1.1
Host: visit.startfinishthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:35:59 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 18 Apr 2024 07:35:59 GMT
set-cookie: _subid=376l60jdtriu9; expires=Sun, 19 May 2024 07:35:59 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ1XCI6MTcxMzQyNTc1OX0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE3MTM0MjU3NTl9LFwidGltZVwiOjE3MTM0MjU3NTl9In0.N8U7T33XBVD08aoJna7c-DqTC3dokebaGBy3KtTra44; expires=Fri, 05 Aug 2078 03:11:58 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ECy2lgfV3aUGpyI3VXizGt%2BUXOqeIYyZy8TAB06GaqSXieS9M2m2EoHKMNw7B4tctjQ%2FF6BGiMggB5U3uI%2B5qgQCQkGDlYhM7AGhbJ2GBdE%2F4Agb89ShxVZqA9ywJbT%2B%2BHaskIyd92wz0AqZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762fb35c8e3b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/?vp_page=2 | 23.105.247.220 | 200 OK | 61 kB |
URL POST HTTP/3btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/?vp_page=2 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/?vp_page=2 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://btl-agency.com
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
access-control-allow-origin: https://btl-agency.com
access-control-allow-credentials: true
vary: Origin,Accept-Encoding,User-Agent
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
link: <https://btl-agency.com/wp-json/>; rel="https://api.w.org/", <https://btl-agency.com/?p=8066>; rel=shortlink
content-encoding: br
date: Thu, 18 Apr 2024 07:36:18 GMT
server: LiteSpeed
|
|
| btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_170443.jpg?v=1693811279 | 23.105.247.220 | 200 OK | 171 kB |
URL GET HTTP/3btl-agency.com/wp-content/uploads/2023/09/IMG_20230830_170443.jpg?v=1693811279 IP23.105.247.220:443 ASN#39134 Edinaya Set Limited Liability Company
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/ CertificateIssuerLet's Encrypt Subject*.btl-agency.com Fingerprint10:4E:60:B7:DB:12:85:74:9F:79:85:5F:63:3E:AE:CE:65:79:C2:B8 ValidityThu, 11 Apr 2024 20:40:00 GMT - Wed, 10 Jul 2024 20:39:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1025x1366, components 3 Size171 kB (171330 bytes) Hash975b087bb5694e2c35574c8cab5fe87a d2eb201a0307dccad42b1b2068574a3412209eb3 0eaddf1dbd0b8352fbd636734bdedf9e1ff8dafb42e4141ce8663c19f5ebcc92
GET /wp-content/uploads/2023/09/IMG_20230830_170443.jpg?v=1693811279 HTTP/1.1
Host: btl-agency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Cookie: PHPSESSID=97c60730b415fe16b85c6390dc24ee13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 07:35:59 GMT
content-type: image/jpeg
last-modified: Mon, 04 Sep 2023 07:08:01 GMT
accept-ranges: bytes
content-length: 171330
date: Thu, 18 Apr 2024 07:35:59 GMT
server: LiteSpeed
vary: User-Agent
|
|
| pddata.ru/data.js |  0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://btl-agency.com/2023/09/promo-akciya-ot-komus-v-tc-kvartal-domodedovo/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /data.js HTTP/1.1
Host: pddata.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btl-agency.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|