r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18506
Expires: Tue, 11 Oct 2022 19:47:09 GMT
Date: Tue, 11 Oct 2022 14:38:43 GMT
Connection: keep-alive
www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
104.21.12.130 200 OK 10 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
IP 104.21.12.130:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1207), with CRLF line terminators
Hash 165de34666d0d6224a0273006ff5226e
9a6c845f02cb175003d886684a2a7e4cb794d3ed
ebb4d1369f7b1bd74cd64cfaeb35263599babe658eacb62a8d05deca9a1809fa
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enmLwnQzZ4mDjKD3NOOCcrtJvMp58RrvEfCZXyqIVOXSWQ%2BxQvwCe2vEV8BpXs9dklDnE0QgFvO%2F0WIHvGpNS%2BVuZhEsqwMfnpG8juqF83BAVGYNjmJWy3BAyVopiFuzJg1jNRM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7588574f9903b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
108.157.229.34 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 108.157.229.34:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 11 Oct 2022 13:48:40 GMT
Expires: Tue, 11 Oct 2022 14:30:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 3346055bb53a57ebf02828b88e1ee87c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: VNZzu2ryXXxYUBKjjxo-S6QS_HwnrDRIXmSbqSpG3PFCS3UJl-fqHQ==
Age: 3003
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0ffae9abfdf558a6286013a0201c8b
2dc8ea0000a1b0c0f849611fdd73429bca51bfad
8e19eab9b6d16819f9ef3920971542cbcf5dd18280617e2de1a3827f0c149398
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E19EAB9B6D16819F9EF3920971542CBCF5DD18280617E2DE1A3827F0C149398"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11110
Expires: Tue, 11 Oct 2022 17:43:53 GMT
Date: Tue, 11 Oct 2022 14:38:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gDLXGoVSpU/vmGR2vF6qwGNv497owBanGk6bH2NQ/piYOUsrtcFCL6dHo4cHlIVwOCzyPlMbbQg=
x-amz-request-id: EGRZXECJD8XVT87G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 11 Oct 2022 14:32:57 GMT
age: 346
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 11 Oct 2022 14:38:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash befa75dbbe9d5dfa501f9c1f03b7cdfa
73814c47bdcd6bebffc963b71d0a20fb361fad50
76b8f843416709a64e030343fbea3e04b9ee9faf2872ddba29f7c8ea28041e28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.168 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1975)
Hash 1f96f8e2f5cc08f47009cbd9f6f299df
d422f99f0e65c7241b70b0829a11771dd62add32
95338dbde773052088f7984e32b92066a7b728d4d97afc0362408ddc9031e66a
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 11 Oct 2022 14:38:43 GMT
expires: Tue, 11 Oct 2022 14:38:43 GMT
cache-control: private, max-age=900
last-modified: Tue, 11 Oct 2022 14:14:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tilepin.ru.com/clicks/clipperpro_files/j.php
104.21.12.130 200 OK 2.3 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/j.php
IP 104.21.12.130:0
File type ASCII text, with very long lines (2726)
Hash 763256a5d3268dd3d8dd78420998ac43
5ab2e304be2f245b1af785031aa30a0ef820b39c
ef9af97e732cb09622a2d16f896db47c63ddbe7d5b66fa609d382d912f7c851b
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/j.php HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMbPU5dYz%2F8OGOUTwCeHuzvc%2FLE1C0MR9C2eM7nzeHrXgsW7PsPO%2FDupB360eHG7MgXf5toSAC8zuxxksaFWv%2Bfl4MdBYH1LCinD3xSMMCXm40ck5QPPBjE%2FGmO4xt3mv9wTfPA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75885751e92eb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/vwo_tolerance_5000.js
104.21.12.130 200 OK 702 B URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/vwo_tolerance_5000.js
IP 104.21.12.130:0
File type ASCII text, with very long lines (653)
Hash e9e3b40b579ef92db102270bd9ca3c87
307baf237d04900202d4b8c6b0ce89a503086784
d44fce28c2a9b7ecf9d6a18875f8bfccf7c60c03e0f1c6d9dd1286937a127c5e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/vwo_tolerance_5000.js HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-563"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GldaS74KqIcdoz5Ft8k0qfBZ2amcrDuZgdeX%2FR5yFbNMs8NKs5E1wJUa1K68Nyic%2FaTqJMtNWQP67hcyqI9ytVbyy2ZctrRdzx%2B0hbSHR4bbioSMO3vbWzjNMrxVWVBL1MXY0I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885751efbfb51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/blueshift.js
104.21.12.130 200 OK 2.0 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/blueshift.js
IP 104.21.12.130:0
File type ASCII text, with very long lines (4246), with no line terminators
Hash e510f0f99cb3baeac9c35553b8aec6f7
af64d1fc4bf5aa002596afa0d3c52a396ff69720
df549f295116025c11a3d9c8c4491963ba4f08ef3b3aa6eaa29542777cac70b1
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/blueshift.js HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-1096"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRZVyLN4nKAgurlDqOChXEksmYEdrFo1QUAPZ21r77oQmb4ikTrGnhiMLXV25vQis7MqauQ6bbRVCkB5dSj6ludaKK7hmyy1%2BZ%2F4tYmUl37FXaqgY%2FfyyCQCssLtfPSuMpcvnJ4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885751df6eb4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2c08f85bd74f5c0456761cd4180e3d1b
1fb1ed9973e481092ae4e51e7277e7e58144f994
e5e5d24ca076fb29f70c900432ad20cc1c838d61924c257d2fe01e898a76ecad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tilepin.ru.com/clicks/clipperpro_files/css.css
104.21.12.130 200 OK 2.1 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/css.css
IP 104.21.12.130:0
Hash 022da014271bf663e5dd9798f3527037
dda40341a1f3b81e9cd4e71a730eb95d6a87d657
36d5880a73e349d62bd5fd8a6acb3de772fa262cb133f11a5b411ef1121196b2
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/css.css HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-d279"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhQhCGHDQoVGHuY9veoOtj3Bjzw841ARcEi84rXXIHxbUl4jFyV4kAM4u3NLhLFZsIKJNi7XXhHhZTX8rY%2B%2BUB0TS9pZhdCI1EDVZ%2F%2BonaVepQweaufdLzhpMCMva9hzqxmQBOw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885751dc110b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/blueshift_dotcms.js
104.21.12.130 200 OK 3.4 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/blueshift_dotcms.js
IP 104.21.12.130:0
File type ASCII text, with very long lines (10650), with no line terminators
Hash fd92852df168273070534a688cd1f92d
3d5aa586c97a82b2fd5e4fc520d990ba0b2c3070
930f819ae7d6b38cef1b07f07a561b0a90624d477c57c36080c5fa850a80550a
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/blueshift_dotcms.js HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-299a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uj4VulzlmOq2ciDfGgsv6Zu4LsOhSISyIN6hu%2FBE9i%2BxAy%2Fn%2BphjQQv3C%2F4Z7p%2ByNOkkf5ZwPNOmJsxf4Q2jXzISW%2BAePnagVVGlT03fw4q2NiyZZdz%2BmmtlHaivlt7S3d%2BDChM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885752c8e0b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/pre-1-plastic-v4.css
104.21.12.130 200 OK 2.7 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/pre-1-plastic-v4.css
IP 104.21.12.130:0
File type ASCII text, with very long lines (12744), with no line terminators
Hash 5ec5bad54302db337b250456269c1e80
972eb7ce7dabc39459f7afcc64b14df0e1e4b0c1
23889c8a57ee6eb9498735138926b73ec5b72cdc433fbd5999c45f21ec971fc7
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/pre-1-plastic-v4.css HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-31c8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qI9lp3%2FaL%2F%2FtCVZ1iz1ToQtcdEazNLb9hY5rgQlOXde03%2BUzs6tpYJZH9a5dSjMYRLgWJSStKMystkmcuFJi6gO73gikn2cKTODYCn8zEzyn2LIWUxHQbkgbRH0G05h16GiI%2BhA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885752c8eab51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/gtm.js
104.21.12.130 200 OK 69 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/gtm.js
IP 104.21.12.130:0
File type ASCII text, with very long lines (55397)
Hash 765fb29c189e75107c64228adf3c4dea
6f19f6596e3909545a61809a02850d26026d7bdb
fd2a83889736755be0ad1c203d8b8db91ac116267a7e94bbf340f7687f45d6bd
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/gtm.js HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-3a09f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qr26lBoLH2Qlhg9%2BxiE4mUWP11iuifLrrxk7wC%2FmwhIn%2BfF0iLrIP%2BSHTwBamDO6sKixX8IZrCOwz8awx%2Bxj5XqQHJewsw3FI0zwmozOHWutxsTXWZfZMNlLA4UA5xuLfsSHNw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885751dc72b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/ctrwow_analytics.js
104.21.12.130 200 OK 18 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/ctrwow_analytics.js
IP 104.21.12.130:0
File type ASCII text, with very long lines (55555), with no line terminators
Hash b4122018c18e0056422bb66c626070ee
836971bf8615cf908a985bf6307537cb10a84d15
f8ade1457ef938e60eb3f133e0e26dfa9a6eef5e74fa1aff540b12d8fcea41cd
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/ctrwow_analytics.js HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-d903"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVKsnBCa2TrVW08VXxPAmR%2BNUBNY9dCY7JhLbu7%2BVc1PcA9zDph6oQlcYuJ3x7kbYof07LNuY3kkRsrCcAXQ6%2BOCQaHF%2Ft2moboF%2FDN4Nt0eythwuCGWepXWYD2eUkJlDgINtH8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758857533d5b0b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/pre-1-plastic-v4.js
104.21.12.130 200 OK 1.9 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/pre-1-plastic-v4.js
IP 104.21.12.130:0
File type Unicode text, UTF-8 text, with very long lines (6462), with no line terminators
Hash 7f6f26d335f3edd0b10b1e8bef7bdb95
fd5f2b9536c69a7ff921490277859ea0be2a39b3
f427fb6a7b81574b096ba22314cf27d0c1b4d7003c948316d4f2dd81a28427fe
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/pre-1-plastic-v4.js HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-1970"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FRPSuCGsk%2B4wFnEuS26IjTtcG6oKpESGjx6qNnqrY1X7lGBwK3B5vEpaxSaXROdREC8WuQ0NiNgY1gE2CfIYyQ0PG8983KDyTnLA5xos4B%2Ba58z%2FXN4IMm2r5WKQ4I1%2FFu5BYA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758857540fa3b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tilepin.ru.com/clicks/clipperpro_files/site.js
104.21.12.130 200 OK 43 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/site.js
IP 104.21.12.130:0
File type Unicode text, UTF-8 text, with very long lines (36020), with NEL line terminators
Hash 67bf88539f6bd59fc88bc364fcef0e5a
44691914f2f54bb3dc2c06f68607d11917102dd2
b84284d55a37cee685fc90250c65e1851809c832e65ac14304da1c4917880a1e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/site.js HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-20a5b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHSZ3bmr%2FYkrMYNKzV%2FR0PghnD4lhOxP%2B7x7GFDIN8Bkzlt3mcSQusKDCQos7JP7F09S4sVdGVazqj%2BqpqyHfjB%2B4YRAJQaIcWGFAUDF8A5Se%2FMNN%2BujZblvIyTZVGzPPzmyq6w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758857539a04b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/lib.js
104.21.12.130 200 OK 28 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/lib.js
IP 104.21.12.130:0
File type ASCII text, with very long lines (30124)
Hash 53256dd39ddad12608bd00eb8faa3e4e
dd0b906e03d56c3dd5481c37a75f932d77c3daf5
677dbad426941326da1aa5866b8d13efa94b857d9c8306a3969e202fc265e07f
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/lib.js HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-15a79"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SPYEXw%2BMc46ZfnLrbLyFIlzcp%2Fzc5HolbeNqBRL54ZLO6FJ1JK7Xkkwy6WaHqm41LHnF5OfNkK%2Ba8NPzk0I2DT0VKPpAzNOeup0XcjQ7jwC8phuNb4VSza65jPrveZO2If8Pd0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7588575399ffb4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b80441eff42b20b9def8e35c2e40efd3
f9fe84a9e292cb463f176040150eafbb68dd2e02
89bb831922fbb4b3675d0a7b109880111057574202841db3c6db5b6bdeab39b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b80441eff42b20b9def8e35c2e40efd3
f9fe84a9e292cb463f176040150eafbb68dd2e02
89bb831922fbb4b3675d0a7b109880111057574202841db3c6db5b6bdeab39b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16408, version 1.0\012- data
Hash 875ba54801f7cf83ea70abf613fab665
a747343db86c1ba5d10d6cb1814fd6ac6db42b65
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
GET /s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 07:03:26 GMT
expires: Fri, 06 Oct 2023 07:03:26 GMT
cache-control: public, max-age=31536000
age: 459318
last-modified: Thu, 28 Oct 2021 00:30:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16712, version 1.0\012- data
Hash 1f577b061e6e464e2c949faee6518469
8acf6682f8050be9b4c7fb3e85138971d6fae51c
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579
GET /s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 09 Oct 2022 18:35:51 GMT
expires: Mon, 09 Oct 2023 18:35:51 GMT
cache-control: public, max-age=31536000
age: 158573
last-modified: Thu, 28 Oct 2021 00:30:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tilepin.ru.com/clicks/clipperpro_files/logo.png
104.21.12.130 200 OK 4.4 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/logo.png
IP 104.21.12.130:0
File type PNG image data, 342 x 81, 8-bit colormap, non-interlaced\012- data
Hash c95a332295d99a5930b58be18fe7ca5a
a789c05d4822c51999c08480be8d631054957ed1
007ca499239b25d61a2b971a6f65f8a3c78a2f4f6cb9a6c8e509cd7d1ac58356
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/logo.png HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/png
Content-Length: 4445
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-115d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLmXMjd%2BDmY%2FVBrP5nYRFnNNxi53j9H%2BYgQMlSDaTuDMaf2sUi4g7zaDCX7640zcSbsUNt4gilFBiPaCbI6s6NFv5AhkPvxuuTDPCg8zMmR%2FOBKdt7%2Fm9uD0gmFhH0KsBaNttt8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885754c8a0b518-OSL
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/img2.jpg
104.21.12.130 200 OK 84 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/img2.jpg
IP 104.21.12.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 590x366, components 3\012- data
Hash d65f00b60a8e1d92b06f8335572acfc3
078d74549b72c40359801f5188b62e3418883f32
0a920ed81af7ab84732344efbae624b10cdeaf390f79daaaa48347e7d1a273ed
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/img2.jpg HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/jpeg
Content-Length: 84325
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-14965"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOQNhNG%2BLqErE7xMRSGozh5PaZaMHWz3yLKIP0vZVfEmVrVhvUVvrxvuNHOmyk8XXNExefkuCUINrff4HUAv5lCc9mY%2Fw9LQngmoXfIAVEbdVtinGLY%2FkQIMxciEaQ%2BCtjY7O2I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885754492db4f7-OSL
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/img4.jpg
104.21.12.130 200 OK 23 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/img4.jpg
IP 104.21.12.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 590x390, components 3\012- data
Hash a8ec6d4feeaba2fe87a110748e19d46a
718aa5b529345b901d78a66cf4ba443f42d7d524
8dde103843cb3b9739a316d1809da3ba4c66c0dc99e636d0cb900c0f0a2f366b
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/img4.jpg HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/jpeg
Content-Length: 22767
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-58ef"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gz66izA2sKCQnHQl%2Ba%2FbDDHxfLi57Kz%2Fxmbn4zExEsGqMso9ygWIcvrKNkIlazgd7hmpRmVAEGRcWXPcLDeYJfzzw4vWo256bETiK4H8jeT4xjHjEntt5KosFTbmvvE47xt%2FAS8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758857549e8f0b39-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/arimo/v17/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
216.58.207.195 200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v17/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9976, version 1.0\012- data
Hash 88caac5d9efdb82513f4627521152d62
ecd66a42c11807e4fd548f209bc290fea5096361
e2e100dccf35fc8fbda8298d47d2719362a984ff46eebf871a878376224071df
GET /s/arimo/v17/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 08 Oct 2022 19:34:57 GMT
expires: Sun, 08 Oct 2023 19:34:57 GMT
cache-control: public, max-age=31536000
age: 241427
last-modified: Thu, 28 Jan 2021 23:11:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tilepin.ru.com/clicks/clipperpro_files/img3.jpg
104.21.12.130 200 OK 94 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/img3.jpg
IP 104.21.12.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 590x372, components 3\012- data
Hash 5de7b8d1e93b68d4b089c01506209a82
0c9aaf865688812c7b955a5575cd07655b37c156
dbf770208853c78028436bc6952f2ae1097db45ffe41a4ca6a252d838563688b
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/img3.jpg HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/jpeg
Content-Length: 93862
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-16ea6"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbCMEpusrNIZDnoTdapbglAErgbZnJXLuYq4CGPFJd0O3E7xpbND4Q6MsWy75U4oyJByLKDwoWMMHF3B%2B1fhgQI7Ws59jbDDnpO%2FQsxEjkkvHxXb4rkEHoddjqEvvmgdV0sxABM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758857544ba4b515-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16664, version 1.0\012- data
Hash 9751c09397ad94f45838a56d0cae78db
be18f0cee56af58f420cfa42047445ff32339401
c9955557c047d44a9e3b361768b0c4015db5bb49ccc8c6513aa6e40ce0f1b3a3
GET /s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16664
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 15:20:28 GMT
expires: Wed, 04 Oct 2023 15:20:28 GMT
cache-control: public, max-age=31536000
age: 602296
last-modified: Thu, 28 Oct 2021 00:30:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tilepin.ru.com/clicks/clipperpro_files/img5.jpg
104.21.12.130 200 OK 35 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/img5.jpg
IP 104.21.12.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 590x408, components 3\012- data
Hash 18d1d05faacc317fd0ba536525a11482
f63ebef53adf1a0045e36c8790955000481336e1
8b732b9826634688e34ef1792ace7a983d8f6dbbe5876c82bf901a6338314046
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/img5.jpg HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/jpeg
Content-Length: 34718
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-879e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCS0jXLzlSI9RkcU3P8wV3YZNyXiKO83vWSY2xdzu3xJ8mNjirmz3BpNJI3NR%2By%2BRCNK7LYlWrYdvFOXxlIzzBYs7CUw516c4D0YOA2jS13vzItymQM7QZdkkiAPEywtz4TMLrA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758857553c7db4fa-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
108.157.229.34 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 108.157.229.34:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Tue, 11 Oct 2022 14:29:41 GMT
Cache-Control: max-age=3600
Expires: Tue, 11 Oct 2022 14:40:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 283a3ebaefd33728d45267e54657c3e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: PkyskR6bqbwHI7DADHv5QyCfEqByn5WJLB-5P61f3X12YECM0E6zNw==
Age: 543
www.tilepin.ru.com/clicks/clipperpro_files/img10_animated.gif
104.21.12.130 200 OK 2.0 MB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/img10_animated.gif
IP 104.21.12.130:0
File type GIF image data, version 89a, 590 x 400\012- data
Size 2.0 MB (1990899 bytes)
Hash ad8800c9c25713d5c72cd839d67e59d3
c926317705be685a8cf2f1066901ef5dcfd19a2c
c5ce1c347db46c88ab1e100b45a48e9ff20f4c39a2ede082ee5dddfd7fe87784
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/img10_animated.gif HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/gif
Content-Length: 1990899
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-1e60f3"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbHCSjXGkoXR6uufoW9a557ApdJoZFwIXuURTeUVd0jj1O80jd%2FM33pj%2B%2FbCWUyzNP3e4%2FhA4JyJ4uQm8c7rhYE0T7IkNLliiV2a4iIQ8z8lt%2BRnU8wYfU4OCoFk0Vb9OkhZpVM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885755bfc90b39-OSL
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/blank.htm
104.21.12.130 200 OK 548 B URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/blank.htm
IP 104.21.12.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash 0a16aec008013f053a922381dee71f9d
13a69b2e43a426ce54f9a47146955ec0bb169172
4686bf42f5ae452ed851ee0e084ece44ceccef9bc2fde5eee10a33a6c92461ae
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/blank.htm HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
Cookie: _vwo_uuid_v2=D1F1EA49C95FF6DA7486DF86230A623A0|84bf8ac780809d0ab793c7e648fb1fb3; _gcl_au=1.1.212068250.1665499124
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSlcGN9ZtNe6CG09SXbiNy6JYT4iDVjORm5jl%2F6djAwEM15GzzmdIA%2BV33xYGzkOHIaQ0Lm4xxEeksmWTPBydi4mWtziWoPav1kKqaHFYABJG4sRyhsDdTP2lGpxLam6ge4dWek%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 758857565df7b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/clipper_wood.png
104.21.12.130 200 OK 433 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/clipper_wood.png
IP 104.21.12.130:0
File type PNG image data, 773 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size 433 kB (433168 bytes)
Hash 84f311273a329fda11f753ec7fd6e271
9dfb94c351123f8c932677827a8f91e9677ff70e
66c76338b18cf672582324886620672d19638995dc4572a8095f04f3308a7175
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/clipper_wood.png HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/png
Content-Length: 433168
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-69c10"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWnkfO1H2bf8rHvf07P6pGyAj3XfBPboZXMw%2FAHL3lqH2a33wok78b7v3oSVB5L8B8QJPcUEgqlQTBsUSYt5cQF2IThOOCzLBzLEG%2FiDNka8SZcvqDt7j88lxu3UcX4GDumgSmQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885755ba20b518-OSL
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/img8_animated.gif
104.21.12.130 200 OK 1.7 MB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/img8_animated.gif
IP 104.21.12.130:0
File type GIF image data, version 89a, 590 x 400\012- data
Size 1.7 MB (1702939 bytes)
Hash a9c053d03df00b5d3eb7528fefd4a26a
bed1de5c2b3e63ecd918b2554e17fed76272f774
834335eeb8a6a70ea0c187e8eab5fcd4e0239055c9a6d7a8ea624ce8237a2c4f
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/img8_animated.gif HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/gif
Content-Length: 1702939
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-19fc1b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hzaftj5cqur8NEWI7dvfomfZKd%2FltqxdiCVoX9bxniE51rqpLsv%2B98MFMQX2jIycn8SPw5dSNxQAjIfENXMKfIT0oQeWl43xgmzlU7nUCr2wbpC26hYRHQnNAhZGgedgWph9lg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885755cd08b515-OSL
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/img7_animated.gif
104.21.12.130 200 OK 1.1 MB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/img7_animated.gif
IP 104.21.12.130:0
File type GIF image data, version 89a, 590 x 400\012- data
Size 1.1 MB (1075935 bytes)
Hash 184f95a3a8a240e7a67db854c8ffa48b
f0c5e8ef31f0dc6dc8de1bf512d7d10938f10f07
13c37e30c2de01a421c333ff6402114c18791cbb8b159c6e8eb4000a297b2a8a
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/img7_animated.gif HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/gif
Content-Length: 1075935
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-106adf"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNTBVfZwO0%2B%2F35P7SyaxnL3HbU%2FO%2FUwAJOIyh6PH3levDYzn77iPfAgw86%2FWsQhMO2NuDuG25yC%2Fw47YY440c9P3paxUeMZ2QEzUGTNTrJByfZOpO23qFFZ4tWRKo%2FFFkAnOSLw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885755baf3b4f7-OSL
alt-svc: h2=":443"; ma=60
cdn.getblueshift.com/blueshift.js
108.138.217.90 200 OK 2.0 kB URL HTTP/1.1 cdn.getblueshift.com/blueshift.js
IP 108.138.217.90:0
File type ASCII text, with very long lines (4407), with no line terminators
Hash e180e60ec878d69551a1c449b37c6552
41e08b360ccf3b35947abcf709f1cc249f6393c6
daa4b9339673c9cce7e986f05b60b11f5773108503f83ce2f81464fc470f254c
GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1990
Connection: keep-alive
Last-Modified: Tue, 08 Feb 2022 00:38:50 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 11 Oct 2022 14:28:47 GMT
Cache-Control: max-age=3600
ETag: "e180e60ec878d69551a1c449b37c6552"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9a4946b43dbf1005ebaa0c93701f16ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: AWdYseRe3rR7VznDWPEavE08Sj_mlsHu2HdIjOzMNH6J2Y2CTECtoA==
Age: 598
www.tilepin.ru.com/clicks/clipperpro_files/img1_animated.gif
104.21.12.130 200 OK 2.0 MB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/img1_animated.gif
IP 104.21.12.130:0
File type GIF image data, version 89a, 850 x 420\012- data
Size 2.0 MB (1953460 bytes)
Hash 4e708010696fb2a2fc94e593f484755f
1bf3b941534cc26f154119c0c3055e743dc2ec16
f615222a7df37be861eb0636c7b9b31720e7e10fe83f12aadfe35f057875cb46
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/img1_animated.gif HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/gif
Content-Length: 1953460
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-1dceb4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrzfJsjWTOvSfN%2F3JNLjuk2gTaCXCKUOcUH%2FFHrsMGtNwnHlrnWXSitDlTGVNf%2BT97NQESfxpLXE9p9iPiJb222o8mdPXOKC86%2FGa0DNV7N8SezQgenyrb2Y0eXGJLxuIeLU6JI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758857552c1db51e-OSL
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/img_homehousewaresshow.png
104.21.12.130 200 OK 17 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/img_homehousewaresshow.png
IP 104.21.12.130:0
File type PNG image data, 378 x 284, 8-bit colormap, non-interlaced\012- data
Hash 3ff8c02adb87f0d03e55f89bbbe03c7e
0994f87d323052f5d1de650bff2eef74bfd89d16
4504a3cd94a06b4bf6ca50046c478396a93d7f6f9b52ad7c968ea1b5c30ebbff
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/img_homehousewaresshow.png HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/png
Content-Length: 17328
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-43b0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o880nKAUc7q4R8d5%2BQ%2BzYWNXcGcaY6KIBqsjDXAOoaFzYs0uhG62VrYjkq0ejJCDUVQbmL0Qts8pC8U9Y5LCb6Qq9Jmyz%2BZRC5OrdykGYQfHn3g%2BHsZPVnEjynAsneqo3a4s%2FD0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885757b97c0b39-OSL
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/blank_data/inject.css
104.21.12.130 200 OK 928 B URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/blank_data/inject.css
IP 104.21.12.130:0
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/blank_data/inject.css HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro_files/blank.htm
Cookie: _vwo_uuid_v2=D1F1EA49C95FF6DA7486DF86230A623A0|84bf8ac780809d0ab793c7e648fb1fb3; _gcl_au=1.1.212068250.1665499124
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-f28"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPu78oKFcMmd2T6gStHdRO8eQebJDm8LSd0Rq2L3pP6ZfpvsDTuOWzYh1MnZEn1hXYdXfAUFvL1iCF43sC14jha%2FKXTF6StQaa9DgFehI6r7vdGUXMNfnCTPwf6prz9Y3ZPp29s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758857590985b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.tilepin.ru.com/clicks/clipperpro_files/dmca-badge-w150-5x1-10.png
104.21.12.130 200 OK 5.1 kB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/dmca-badge-w150-5x1-10.png
IP 104.21.12.130:0
File type PNG image data, 150 x 30, 8-bit/color RGBA, interlaced\012- data
Hash 4fc4a352d4a5592e9525ef8b60fae804
df346a886cfdf827339643cab0122a57af1a3b0b
c175377a88f43eee8d84655fa584dd98fd87abbbb608e124e89e62b4e57b28ad
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/dmca-badge-w150-5x1-10.png HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/png
Content-Length: 5088
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-13e0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHBc5PIHO2brlHCvkAu3%2BIzhtHA%2FAe5291YkEFLduKxXg6uXgt47lipvZU1p9f3%2BZ40yYo1rHNxgULG3hEFjj29GkMZKe9SsCE4b7Yi7y%2F3bqLyH8dLZKpEZkq8f9EL5QL3OXxM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758857590e9ab518-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 34c15fee665f03aab24038618bb2d9a7
6b90ea5a496581b83daf1764938d1db1a5a32bb4
93e99055eb4a94f808eed2fac338d6c480047c30a56498b2a65036a7d5bdea04
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3525
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:44 GMT
Last-Modified: Tue, 11 Oct 2022 13:39:59 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.tilepin.ru.com/clicks/clipperpro_files/clipper_wood_animated.gif
104.21.12.130 200 OK 1.3 MB URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/clipper_wood_animated.gif
IP 104.21.12.130:0
File type GIF image data, version 89a, 590 x 400\012- data
Size 1.3 MB (1317315 bytes)
Hash d1c4c762bdc9eb33986b65fd0f1b3c24
57a963a3a833f1bf44c13f94f58a2d09dafc93ff
b325e06213e03c39504fbe5daed1819c787eb41b0c8ed98c98f6481866f4388a
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/clipper_wood_animated.gif HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:44 GMT
Content-Type: image/gif
Content-Length: 1317315
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: "62e8239e-1419c3"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLXHeKFtlarofnXR1Oyt9barXfJ84TDWpFaQVXv5pCjgVps8srqRdNYrx62tUOoAvpgkxagw5kRfGnR5tVRjnEJYQYXF%2Fw9ltYFFeMDW5hMoHPsKKZ%2FwI7Wa9NVO3KKcg7K2gT0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885757cfebb4fa-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.191.210.155 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BSYv6H8TLtT0X+yHdRMbyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Vu2GwVz5mVGZfGctSAXYqjYWPV4=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2245ef5485db0723ba5731085d0018e3
8e7d3711a5575d28c2380e1fe5c77feb43609329
6243cea7c7e6e620edb239cb89d27186b0473659361ae906355253afac5ac5ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6243CEA7C7E6E620EDB239CB89D27186B0473659361AE906355253AFAC5AC5EA"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1722
Expires: Tue, 11 Oct 2022 15:07:27 GMT
Date: Tue, 11 Oct 2022 14:38:45 GMT
Connection: keep-alive
dev.visualwebsiteoptimizer.com/j.php?a=463962&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&f=1&r=0.6696748257999919
34.96.102.137 301 Moved Permanently 182 B URL HTTP/1.1 dev.visualwebsiteoptimizer.com/j.php?a=463962&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&f=1&r=0.6696748257999919
IP 34.96.102.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9d44ae5ca75a352070be23a6e9c70f6
a3aa893ef50506ec0f1fdf60ccfbf5e48f142e81
e3631af1efa5be63f728619833a5a8a23a1f72ca40d6f6b6c71d80bca51975c0
GET /j.php?a=463962&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&f=1&r=0.6696748257999919 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 11 Oct 2022 14:38:45 GMT
Content-Type: text/html
Content-Length: 182
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Location: https://dev.visualwebsiteoptimizer.com/j.php?a=463962&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&f=1&r=0.6696748257999919
server: gams1
Timing-Allow-Origin: *
Via: 1.1 google
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 378dd54ac5b879c8be58a38bf554668a
b2bc7911616e2f8177baf2f26d80966a144ede82
e8dd7fed9d6066748e4b39e79871dc75d824064a40b736684df8131fd6b2a8ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5399
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:45 GMT
Last-Modified: Tue, 11 Oct 2022 13:08:46 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 11 Oct 2022 12:41:09 GMT
expires: Tue, 11 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
age: 7056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 44QorlPVNGiP63b5Q1zgDnOacDdkFi94rFTb2FU7TF7Q3YKSb8Cil5dI8+flhyCiFb485Njl73wccDGMnUZsoQ==
content-length: 26840
x-fb-trip-id: 1904183273
date: Tue, 11 Oct 2022 14:38:45 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 378dd54ac5b879c8be58a38bf554668a
b2bc7911616e2f8177baf2f26d80966a144ede82
e8dd7fed9d6066748e4b39e79871dc75d824064a40b736684df8131fd6b2a8ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5399
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:45 GMT
Last-Modified: Tue, 11 Oct 2022 13:08:46 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/conversion_async.js
142.250.74.164 200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 11 Oct 2022 14:38:45 GMT
expires: Tue, 11 Oct 2022 14:38:45 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=2044325805&t=pageview&_s=1&dl=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&ul=en-us&de=UTF-8&dt=CLIPPERPRO%20Nail%20Clipper&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1774938947&gjid=931774617&cid=1091967314.1665499125&tid=UA-22484186-3&_gid=421244646.1665499125&_r=1&gtm=2ouaa0&z=251127346
142.250.74.174 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=2044325805&t=pageview&_s=1&dl=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&ul=en-us&de=UTF-8&dt=CLIPPERPRO%20Nail%20Clipper&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1774938947&gjid=931774617&cid=1091967314.1665499125&tid=UA-22484186-3&_gid=421244646.1665499125&_r=1&gtm=2ouaa0&z=251127346
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=2044325805&t=pageview&_s=1&dl=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&ul=en-us&de=UTF-8&dt=CLIPPERPRO%20Nail%20Clipper&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1774938947&gjid=931774617&cid=1091967314.1665499125&tid=UA-22484186-3&_gid=421244646.1665499125&_r=1&gtm=2ouaa0&z=251127346 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://www.tilepin.ru.com
date: Tue, 11 Oct 2022 14:38:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.sjpf.io/
75.2.10.96 200 OK 204 B IP 75.2.10.96:0
File type ASCII text, with no line terminators
Hash 9f30fc4f9e8c51dc483f783df6553c6e
6b505180f32c9692b456357ea293017bc5a3672b
7d998770b0b874e81128fb5ec5faa53313724b51ca0113769efe326305b6a279
GET / HTTP/1.1
Host: api.sjpf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=2592000, immutable, private
strict-transport-security: max-age=63072000; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 204
date: Tue, 11 Oct 2022 14:38:45 GMT
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.41 200 OK 1.8 kB IP 192.124.249.41:0
Hash 4a8e7545bea11f53e2ba01328f2b1515
90e4a87787722793cb39a4328be5dc7eb6d73a56
0139a404ace7e5d2871468585dec7f02d7a6e1918e2657650fade423882cff49
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 11 Oct 2022 14:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 11 Oct 2022 00:08:21 GMT
Expires: Wed, 12 Oct 2022 00:08:21 GMT
ETag: "90e4a87787722793cb39a4328be5dc7eb6d73a56"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.starfieldtech.com/
192.124.249.41 200 OK 1.8 kB IP 192.124.249.41:0
Hash 4a8e7545bea11f53e2ba01328f2b1515
90e4a87787722793cb39a4328be5dc7eb6d73a56
0139a404ace7e5d2871468585dec7f02d7a6e1918e2657650fade423882cff49
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 11 Oct 2022 14:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 11 Oct 2022 00:08:21 GMT
Expires: Wed, 12 Oct 2022 00:08:21 GMT
ETag: "90e4a87787722793cb39a4328be5dc7eb6d73a56"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b8e058c50dbe0871b6ccde4ed4cc8785
06b0c34d584624df99282c1fff1d766b9ed00e64
3319073b74402c41450cc9ca2162140dbe8b231db146cf8e77cb0b43fa461b4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.starfieldtech.com/
192.124.249.41 200 OK 1.8 kB IP 192.124.249.41:0
Hash 4a8e7545bea11f53e2ba01328f2b1515
90e4a87787722793cb39a4328be5dc7eb6d73a56
0139a404ace7e5d2871468585dec7f02d7a6e1918e2657650fade423882cff49
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 11 Oct 2022 14:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 11 Oct 2022 00:08:21 GMT
Expires: Wed, 12 Oct 2022 00:08:21 GMT
ETag: "90e4a87787722793cb39a4328be5dc7eb6d73a56"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=SC0000341
52.176.5.241 101 Switching Protocols 0 B URL HTTP/1.1 ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=SC0000341
IP 52.176.5.241:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?trackingId=SC0000341 HTTP/1.1
Host: ctrwow-prod-analytics-socketserver.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://www.tilepin.ru.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j8YhzXtgKWYw1j0RgCS3gA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Tue, 11 Oct 2022 14:38:44 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=b42003c253a6ee92c124bdfad0b2db83fb2ef9906588018364ce2390be8fbedb;Path=/;HttpOnly;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
ARRAffinitySameSite=b42003c253a6ee92c124bdfad0b2db83fb2ef9906588018364ce2390be8fbedb;Path=/;HttpOnly;SameSite=None;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
Upgrade: websocket
Sec-WebSocket-Accept: piLxBB35wYkrteXwb/8MKJLBd/I=
Origin: http://www.tilepin.ru.com
X-Powered-By: ASP.NET
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 55429dd512d3e72adc0792b5e941d914
affb6ecf685702a7e652d81bef23fdb03515709f
46efa31a4d653d84c6b1c9156c248b92032a5a4305fad19857d9ed6183b16251
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-5872a63cce3b0af13933e8c33be03543.js
34.96.102.137 200 OK 49 kB URL HTTP/2 dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-5872a63cce3b0af13933e8c33be03543.js
IP 34.96.102.137:0
File type ASCII text, with very long lines (47951)
Hash 544a5b0de55253fb4eaf427f137b3ad0
59b8ff245de971404d235e4ec2d8753486ca4658
1c2619f7f36bb7ddbe2769cb6864d14ce19bdadfcddbaa0c7646470c29abc993
GET /web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-5872a63cce3b0af13933e8c33be03543.js HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 14:38:45 GMT
content-type: application/javascript; charset=UTF-8
content-length: 49287
last-modified: Tue, 11 Oct 2022 13:57:48 GMT
content-encoding: br
etag: "6345765c-c087"
server: gams1
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/776470710/?random=1665499125080&cv=9&fst=1665499125080&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&tiba=CLIPPERPRO%20Nail%20Clipper&auid=212068250.1665499124&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226 200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/776470710/?random=1665499125080&cv=9&fst=1665499125080&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&tiba=CLIPPERPRO%20Nail%20Clipper&auid=212068250.1665499124&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2692), with no line terminators
Hash 2ad4f93c07e1fcb4c584c7768e909e09
96f9575c57fccf615fa17bfe49582321393182d4
ac4a4cbb187a757e561fcf2cd038e43caab13eb5a1886cc97099e42453d94f14
GET /pagead/viewthroughconversion/776470710/?random=1665499125080&cv=9&fst=1665499125080&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaa0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&tiba=CLIPPERPRO%20Nail%20Clipper&auid=212068250.1665499124&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 14:38:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 11-Oct-2022 14:53:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
108.157.217.75 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.75:0
Hash ea93934add78f1f05a3689c08c9cacab
249cddfa696dcf7279ce3664042054ed4deed627
6f3a65c99781090f9ab36b40669d9a52e3b49def877d9b318bdb03aabfc2c2b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 11 Oct 2022 14:38:45 GMT
Last-Modified: Tue, 11 Oct 2022 14:28:55 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 0ca6102b671acc9950502eeeca241bf8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: zSmwOAfMY3I883xsvr8AKCLt4rcHwGOYmYvP2ObUBEmZkgSpAGPFRA==
Age: 590
ocsp.starfieldtech.com/
192.124.249.41 200 OK 1.8 kB IP 192.124.249.41:0
Hash 4a8e7545bea11f53e2ba01328f2b1515
90e4a87787722793cb39a4328be5dc7eb6d73a56
0139a404ace7e5d2871468585dec7f02d7a6e1918e2657650fade423882cff49
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 11 Oct 2022 14:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 11 Oct 2022 00:08:21 GMT
Expires: Wed, 12 Oct 2022 00:08:21 GMT
ETag: "90e4a87787722793cb39a4328be5dc7eb6d73a56"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 55429dd512d3e72adc0792b5e941d914
affb6ecf685702a7e652d81bef23fdb03515709f
46efa31a4d653d84c6b1c9156c248b92032a5a4305fad19857d9ed6183b16251
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-135457466-1&cid=1091967314.1665499125&jid=16802546&gjid=1579954078&_gid=421244646.1665499125&_u=YEDAAUABAAAAACAAI~&z=1726233466
173.194.73.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-135457466-1&cid=1091967314.1665499125&jid=16802546&gjid=1579954078&_gid=421244646.1665499125&_u=YEDAAUABAAAAACAAI~&z=1726233466
IP 173.194.73.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-135457466-1&cid=1091967314.1665499125&jid=16802546&gjid=1579954078&_gid=421244646.1665499125&_u=YEDAAUABAAAAACAAI~&z=1726233466 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.tilepin.ru.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Oct 2022 14:38:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1091967314.1665499125&jid=1774938947&gjid=931774617&_gid=421244646.1665499125&_u=YEBAAUAAAAAAACAAI~&z=639571245
173.194.73.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1091967314.1665499125&jid=1774938947&gjid=931774617&_gid=421244646.1665499125&_u=YEBAAUAAAAAAACAAI~&z=639571245
IP 173.194.73.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1091967314.1665499125&jid=1774938947&gjid=931774617&_gid=421244646.1665499125&_u=YEBAAUAAAAAAACAAI~&z=639571245 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.tilepin.ru.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Oct 2022 14:38:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.shopclipperpro.com/pub-assets/fileuploads/images/favicon.ico
108.156.28.89 200 OK 1.2 kB URL HTTP/2 www.shopclipperpro.com/pub-assets/fileuploads/images/favicon.ico
IP 108.156.28.89:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 2c68ed028351de34238a82f4d5e172b5
94d14f224e16795b9178affdbf5164fd8d104204
91d1053f8544b79faf4e34d5a16020055a31eea39bdd475ce2497207d7656f5e
GET /pub-assets/fileuploads/images/favicon.ico HTTP/1.1
Host: www.shopclipperpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 1150
date: Tue, 11 Oct 2022 01:37:37 GMT
last-modified: Thu, 09 Jun 2022 09:08:11 GMT
etag: "2c68ed028351de34238a82f4d5e172b5"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 17a77a72dc1e9981253a822e540e37c2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: EMDXFosMj_FnGSCc_J8j6tud3epk1cIEAV94mfg4DMD3CvGv-dISZw==
age: 46869
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 630d2d1f4572fc2d78b1318b8a5c05d9
e88d0c31bc701e6620366a83dd337a89420a4215
73442de4417e1f83c5e82b0e281bf0e4144a0a25f8c59552a788932d5c47bde5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 14:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dev.visualwebsiteoptimizer.com/j.php?a=463962&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&f=1&r=0.6696748257999919
34.96.102.137 200 OK 2.8 kB URL HTTP/2 dev.visualwebsiteoptimizer.com/j.php?a=463962&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&f=1&r=0.6696748257999919
IP 34.96.102.137:0
Hash 35fa9ab0669ddb63903fa44c3e043abc
37b2d8a6d9bbb49037472d89c4b54c59cc9981c3
4cd5ec421c84a45eb2f90918783e103761f103452135e288b02ca687b5f6f6d2
GET /j.php?a=463962&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&f=1&r=0.6696748257999919 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.tilepin.ru.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 14:38:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0, no-cache, must-revalidate
etag: W/"1665496689"
server: gams1
timing-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=463962&d=tilepin.ru.com&u=D1F1EA49C95FF6DA7486DF86230A623A0&h=84bf8ac780809d0ab793c7e648fb1fb3&t=false&r=0.09443944253672187
34.96.102.137 200 OK 35 B URL HTTP/2 dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=463962&d=tilepin.ru.com&u=D1F1EA49C95FF6DA7486DF86230A623A0&h=84bf8ac780809d0ab793c7e648fb1fb3&t=false&r=0.09443944253672187
IP 34.96.102.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /v.gif?cd=0&a=463962&d=tilepin.ru.com&u=D1F1EA49C95FF6DA7486DF86230A623A0&h=84bf8ac780809d0ab793c7e648fb1fb3&t=false&r=0.09443944253672187 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 14:38:44 GMT
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
expires: Mon, 10 Jan 2005 00:00:01 GMT
pragma: no-cache
x-content-type-options: nosniff
content-length: 35
server: gnv1c
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d16hdrba6dusey.cloudfront.net/sitecommon/js/commons/ctrwow_analytics.v3.pro.min.js
108.157.232.152 200 OK 30 kB URL HTTP/1.1 d16hdrba6dusey.cloudfront.net/sitecommon/js/commons/ctrwow_analytics.v3.pro.min.js
IP 108.157.232.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10a1b0ded99fdb515c976a8c35bc862
9be1540d177e13b2523bb7e91210df5d163350bc
2933bc5bc2334d0fde7490e2899567a26f9e256a50230b646b75fd83a2b1a8d6
GET /sitecommon/js/commons/ctrwow_analytics.v3.pro.min.js HTTP/1.1
Host: d16hdrba6dusey.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 11 Oct 2022 14:38:46 GMT
Last-Modified: Wed, 06 Jul 2022 00:01:01 GMT
ETag: W/"247a6fef6d4fc61c3e4fcc09c346e749"
Cache-Control: no-store
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 3130c9b603e4215bb05d32cd39e3843c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: Q59icpqs2edyD4SmShv2-S8b1o8O5rBU5ZSu9T0C0CLUJURx92MN2g==
www.facebook.com/tr/?id=148368926515084&ev=PageView&dl=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&rl=&if=false&ts=1665499125466&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.2.1665499125465.1690044064&it=1665499125076&coo=false&tm=1&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=148368926515084&ev=PageView&dl=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&rl=&if=false&ts=1665499125466&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.2.1665499125465.1690044064&it=1665499125076&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=148368926515084&ev=PageView&dl=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti&rl=&if=false&ts=1665499125466&sw=1280&sh=1024&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.2.1665499125465.1690044064&it=1665499125076&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 11 Oct 2022 14:38:45 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 75e8f29d3788f9766d33a7d8f50b762e
4799a3a7b240e576cc75a08f5e5b183319b7a9d2
27a9ec4d7384691e7b99b16f600ab47ca1a969f42cba8b71f21db73fe1ce346e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27A9EC4D7384691E7B99B16F600AB47CA1A969F42CBA8B71F21DB73FE1CE346E"
Last-Modified: Mon, 10 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9473
Expires: Tue, 11 Oct 2022 17:16:38 GMT
Date: Tue, 11 Oct 2022 14:38:45 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-KJVD6DX47Z&l=dataLayer&cx=c
142.250.74.168 302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-KJVD6DX47Z&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d5a12fe67a69f4d8fcce73c8a6dee83c
9a0ef3628647922e34a7206fcc642a3d31f6e54a
fb8f00108a8ad86078c6bcc028bc27a6a3ac91993815d43f3ebdd7428f671990
GET /gtag/js?id=G-KJVD6DX47Z&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-KJVD6DX47Z&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 11 Oct 2022 14:38:45 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
tls-use1.fpapi.io/
75.2.10.96 200 OK 204 B IP 75.2.10.96:0
File type ASCII text, with no line terminators
Hash 49fc2d2ccdeff9de6508e1fce8b921ba
43174725d415869d88e103291c522d1d8f08baed
083028a0675e2df6c8f14b432b6c3164b09d44fb5d388813933d888250e77bb3
GET / HTTP/1.1
Host: tls-use1.fpapi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=2592000, immutable, private
strict-transport-security: max-age=63072000; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 204
date: Tue, 11 Oct 2022 14:38:45 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16372
Expires: Tue, 11 Oct 2022 19:11:38 GMT
Date: Tue, 11 Oct 2022 14:38:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e8146-dad8-449f-a0ea-efe8d7b14e99.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e8146-dad8-449f-a0ea-efe8d7b14e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6943f4735bdb3eaf396cd0edbd101dae
3be209d8b74abe0d12033cf6149da04eb9e1a116
7578a8981216adc59909baf4e41ef4044d5a592e6dc7f80f4fa8f5f1cc1b282f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e8146-dad8-449f-a0ea-efe8d7b14e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5957
x-amzn-requestid: e7388c82-006d-4114-84e1-f6c5af236edb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zt4h5EMzoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63423ad8-135cd65273a99b4c1719796b;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 03:07:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: H6aoPUjEEPgK6GhTjcpiUg0lVa0e78LQa7cbpYT-QR8NKUzn7UL1Sw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 04:12:36 GMT
age: 37570
etag: "3be209d8b74abe0d12033cf6149da04eb9e1a116"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a8720e1bfd92ce7ccfeb8ab6ca2477a
1277a8a73b2fbf48562a7f767c3219d836b1faa9
61cfaa0a0338ae710735fab66822d8227adeb6a8bc4035686fae4a4de6247f1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6645
x-amzn-requestid: 6e75c182-93bc-4339-a679-b069f78a397c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuQ0H3qoAMFi5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634490d1-4e134a93174cbf3559bea75c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2T5ArGyU86KvuyKtp_G0XC9MaZQWS2luBYlIKcQRWNeeUjqcmQgMSA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:10:38 GMT
age: 59288
etag: "1277a8a73b2fbf48562a7f767c3219d836b1faa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 94e8e091-1136-41a7-843c-44c4ffe9e688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZqylGGYwoAMFQIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340fe20-60b47aeb3b55af4f755577f4;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 04:35:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fzfUAL2jahiFgsqMExf1dB_7PFJt9wwO2BDKo3XJHSvk5AeeNP8FQg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:22:13 GMT
age: 58593
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ff8cfe3904cca89e3bdfa8186ae382ba
0b9dce744f5facad9a0a136d81cf24e928211856
a6f0925a9666a43d018c05d717310f57b86316290fb4a7cdd309c35842e557a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7674
x-amzn-requestid: d31d1c0c-02a2-4912-b757-aa166018d5ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtHkZFqeoAMFW0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ec82-73f20af53f27f6f66e2906f2;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:32:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6IvU7Nkd48yGZUoGRwMEzLkIOBVKLvf8st0hggogDdKSCuzkPsnSQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 21:58:49 GMT
age: 59997
etag: "0b9dce744f5facad9a0a136d81cf24e928211856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a938ec-0f85-4cc4-b114-6a3bb049c111.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a938ec-0f85-4cc4-b114-6a3bb049c111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e6761274cf8c2ed62e317e310f74ac3
32b3631be51d3385f061fee29e41ed28fad4b914
45d68ffebd269cae06ae471a11a128c32070367db85f525b81df4164f510adea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a938ec-0f85-4cc4-b114-6a3bb049c111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11336
x-amzn-requestid: 2f64751f-13d2-49c3-85c4-fb0f28186a37
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zzt8mFh7IAMF_lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63449050-100b2d49411d4bed369655c1;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lss2UdzBjP4PysNdrrEsK0WX20WfoKkbHuhcPzL6WWyyTXSynpXJDA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 21:55:51 GMT
etag: "32b3631be51d3385f061fee29e41ed28fad4b914"
content-type: image/jpeg
age: 60175
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c510a5010677fcfa9ee8065c0abc894
5f2cf2a511760f5fd16d5c14a48a1aff185830e0
a07018792c7eb661bfddde47d26d728298c90314e52c96228a91c7d1978fedc6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: fb2bd595-cff6-4278-95cb-f42939d91f17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zzt85Fd9IAMFQeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63449052-326c047f01d742353e1891c8;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: u5XxBwVbvOux8Bv_DgbsHjE5KcQE5gy_F2mXDNFfgPxmTfsfwCQS7Q==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 21:55:51 GMT
etag: "5f2cf2a511760f5fd16d5c14a48a1aff185830e0"
content-type: image/jpeg
age: 60175
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=SC0000341
52.176.5.241 101 Switching Protocols 0 B URL HTTP/1.1 ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=SC0000341
IP 52.176.5.241:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?trackingId=SC0000341 HTTP/1.1
Host: ctrwow-prod-analytics-socketserver.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://www.tilepin.ru.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kMnrUFj1EKemPid4iL05Sg==
Connection: keep-alive, Upgrade
Cookie: ARRAffinitySameSite=b42003c253a6ee92c124bdfad0b2db83fb2ef9906588018364ce2390be8fbedb
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Tue, 11 Oct 2022 14:38:45 GMT
Server: Microsoft-IIS/10.0
Upgrade: websocket
Sec-WebSocket-Accept: vYCPJTtW1bj5JWlrM8apg6ERBx8=
Origin: http://www.tilepin.ru.com
X-Powered-By: ASP.NET
ocsp.sca1b.amazontrust.com/
108.157.217.75 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.75:0
Hash dc91e58357794e3e726eb66fa050c76b
ea58deed610164f2aecf036474cb7fea1e8b3634
1a917125155695c89f26b61a4ee1ff1ba4bbf8fffb96867ebc794f31f776ac93
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 11 Oct 2022 14:38:46 GMT
Last-Modified: Tue, 11 Oct 2022 13:07:31 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 0ca6102b671acc9950502eeeca241bf8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: KWu-A-aLI3Uihxfejr4JwocNh6a-ereiiwaVrx1ZhZy001fEB2jjfA==
Age: 5476
fp.ctrwow.com/
75.2.62.78 403 Forbidden 75 B IP 75.2.62.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0a3cf657b602e74171872b51f178fabb
5681d67e518084e3f0ddc06ce17d5b452b774779
ae82715e7f586567096ee7932a904a1c1006da0992210bae289e2308026f375d
POST / HTTP/1.1
Host: fp.ctrwow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1023
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 11 Oct 2022 14:38:46 GMT
content-type: application/json; charset=utf-8
content-length: 75
server: nginx
access-control-allow-credentials: true
access-control-allow-origin: http://www.tilepin.ru.com
access-control-expose-headers: Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
X-Firefox-Spdy: h2
websales-api.tryemanagecrm.com/api/campaigns/84f2b526-088e-4b76-891d-4e7ca7d7be0a/products/prices
51.143.102.21 200 OK 0 B URL HTTP/1.1 websales-api.tryemanagecrm.com/api/campaigns/84f2b526-088e-4b76-891d-4e7ca7d7be0a/products/prices
IP 51.143.102.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/campaigns/84f2b526-088e-4b76-891d-4e7ca7d7be0a/products/prices HTTP/1.1
Host: websales-api.tryemanagecrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x_cid
Referer: http://www.tilepin.ru.com/
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Date: Tue, 11 Oct 2022 14:38:45 GMT
Access-Control-Allow-Headers: x_cid
Access-Control-Allow-Origin: *
api.getblueshift.com/unity.gif?t=1665499127&e=pageload&r=&z=541212&x=13c25a652e2a0c05cb06a3b1dba09a85&k=f64e52b5-79b2-dd76-9623-ba58a8499b99&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
18.236.27.0 200 OK 0 B URL HTTP/1.1 api.getblueshift.com/unity.gif?t=1665499127&e=pageload&r=&z=541212&x=13c25a652e2a0c05cb06a3b1dba09a85&k=f64e52b5-79b2-dd76-9623-ba58a8499b99&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
IP 18.236.27.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /unity.gif?t=1665499127&e=pageload&r=&z=541212&x=13c25a652e2a0c05cb06a3b1dba09a85&k=f64e52b5-79b2-dd76-9623-ba58a8499b99&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Referer: http://www.tilepin.ru.com/
Origin: http://www.tilepin.ru.com
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:47 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-origin: http://www.tilepin.ru.com
access-control-allow-methods: DELETE, HEAD, POST, GET, PUT, OPTIONS, PATCH
access-control-allow-headers: x-requested-with, x-api-key, if-modified-since, if-none-match, content-type
access-control-max-age: 86400
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
api.getblueshift.com/unity.gif?t=1665499127&e=pageload&r=&z=541212&x=13c25a652e2a0c05cb06a3b1dba09a85&k=f64e52b5-79b2-dd76-9623-ba58a8499b99&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
18.236.27.0 200 OK 42 B URL HTTP/1.1 api.getblueshift.com/unity.gif?t=1665499127&e=pageload&r=&z=541212&x=13c25a652e2a0c05cb06a3b1dba09a85&k=f64e52b5-79b2-dd76-9623-ba58a8499b99&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
IP 18.236.27.0:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /unity.gif?t=1665499127&e=pageload&r=&z=541212&x=13c25a652e2a0c05cb06a3b1dba09a85&k=f64e52b5-79b2-dd76-9623-ba58a8499b99&u=http%3A%2F%2Fwww.tilepin.ru.com%2Fclicks%2Fclipperpro.php%3Fsid%3D996660%26h%3D7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc%2Fkptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Api-Key: 13c25a652e2a0c05cb06a3b1dba09a85
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:47 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
access-control-expose-headers: etag
access-control-allow-origin: http://www.tilepin.ru.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
fp.ctrwow.com/?ci=js/3.6.6
75.2.62.78 403 Forbidden 86 kB URL HTTP/2 fp.ctrwow.com/?ci=js/3.6.6
IP 75.2.62.78:0
File type gzip compressed data, from Unix\012- data
Hash 282afc8a82404f16e295ee8853395177
604e603e0fff1a867a71d63cfbc8b6fa7c941112
6506d4d913e44e32f7f3620387afdc297d57083ba0816c9ea63d51c1e9be295b
POST /?ci=js/3.6.6 HTTP/1.1
Host: fp.ctrwow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3136
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Tue, 11 Oct 2022 14:38:47 GMT
content-type: text/plain
content-length: 220
server: nginx
access-control-allow-credentials: true
access-control-allow-origin: http://www.tilepin.ru.com
access-control-expose-headers: Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
X-Firefox-Spdy: h2
websales-api.tryemanagecrm.com/api/campaigns/84f2b526-088e-4b76-891d-4e7ca7d7be0a/products/prices
51.143.102.21 200 OK 1.9 kB URL HTTP/1.1 websales-api.tryemanagecrm.com/api/campaigns/84f2b526-088e-4b76-891d-4e7ca7d7be0a/products/prices
IP 51.143.102.21:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (12023), with no line terminators
Hash 5f0692cd67701074146c7a57df7e6fa5
7ace1025281e2e0f23f81833ae01e53884d175cc
5ac51a59e3d935241594d81836d2ad1384839362e33ea8f367dbf6d64c9d5525
GET /api/campaigns/84f2b526-088e-4b76-891d-4e7ca7d7be0a/products/prices HTTP/1.1
Host: websales-api.tryemanagecrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.tilepin.ru.com/
X_CID: 52708BE9-8D6D-4A8F-8A1D-86AB8AC71476
Origin: http://www.tilepin.ru.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 1937
Content-Type: application/json; charset=utf-8
Date: Tue, 11 Oct 2022 14:38:50 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
Request-Context: appId=cid-v1:f5f8ba4c-2e46-4a1d-8242-c38045d30bc2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Tue, 11 Oct 2022 14:22:08 GMT
Expires: Tue, 11 Oct 2022 16:22:08 GMT
Cache-Control: public, max-age=7200
Age: 1004
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
static.hotjar.com/c/hotjar-1450693.js?sv=6
108.157.229.85 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1450693.js?sv=6
IP 108.157.229.85:0
GET /c/hotjar-1450693.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tilepin.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 14:38:08 GMT
cache-control: max-age=60
etag: W/f818bbc382bc18339e9682f6e84b0bca
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ff51bc3614c373d274030fe4ca1a34fc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: MkU0aD8N8svdD2S2Up2ULT5Q6pZlW8GeGzsRCrqx9g83kmugt8_R8Q==
age: 37
X-Firefox-Spdy: h2
www.tilepin.ru.com/clicks/clipperpro_files/gtm_002.js
104.21.12.130 200 OK 0 B URL HTTP/1.1 www.tilepin.ru.com/clicks/clipperpro_files/gtm_002.js
IP 104.21.12.130:0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/clipperpro_files/gtm_002.js HTTP/1.1
Host: www.tilepin.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tilepin.ru.com/clicks/clipperpro.php?sid=996660&h=7atkomw5zznngrfm4mjptwvn_nz4xcghm-uj0qaugnc/kptrqsbh3vstl8s2ziabtbi4v_oogavd5jtaqlvronpkjgmscyk42zvq45w7ogyev6wi6lg_zyt7uunzdn4gzpxqpxyxgddfiapgozr4z0605bd247brxznjhyffu0ti
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 14:38:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:58 GMT
ETag: W/"62e8239e-5595f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WcyN4rG%2FJu8bJOMTkvMF%2BYm5noheO3nyXApQPG6DeFRnAUiUPh2PCw8eSjaf0fwMv6xvv2g9ytCHNL2LWKTxVeVLvDW%2BH0swj8sd2SuteF%2Byq0L422VJPD27QQtzGh1G7jIweI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75885751de38b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60