yehswyq-yehswyq.yehswyq-yehswyq.yehswyq.yehswyq.yehswyq-yehswyq.mainger.online/
45.131.46.244302 Found 0 B URL HTTP/1.1 yehswyq-yehswyq.yehswyq-yehswyq.yehswyq.yehswyq.yehswyq-yehswyq.mainger.online/
IP 45.131.46.244:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: yehswyq-yehswyq.yehswyq-yehswyq.yehswyq.yehswyq.yehswyq-yehswyq.mainger.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 15 Oct 2022 21:39:57 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: http://hay.gerl-may.online/?s1=ptt1
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 07b3389fc24c0f8eb82a9d05b546d17e
02716741b8952e548b9a223adbb3f16204eef2b2
25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5562
Expires: Sat, 15 Oct 2022 23:12:39 GMT
Date: Sat, 15 Oct 2022 21:39:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 15 Oct 2022 20:50:16 GMT
Expires: Sat, 15 Oct 2022 21:25:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ooDqSX17HzWEizlXpxmXrnmeX0naTnaj5u0vI1v61QC1FvymrnOM_g==
Age: 2981
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10750
Expires: Sun, 16 Oct 2022 00:39:07 GMT
Date: Sat, 15 Oct 2022 21:39:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KplkM3KSaDD3k9waYzSh+QdVmcU8Jh1qlQ1vFIXI4psMRq3TdMlxM+APVwKwWbuL9BvPrsUsGx4=
x-amz-request-id: EVGTTHFEC1CX79HK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 15 Oct 2022 21:02:44 GMT
age: 2233
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 21:39:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
hay.gerl-may.online/?s1=ptt1
193.3.23.32200 OK 5.7 kB URL HTTP/1.1 hay.gerl-may.online/?s1=ptt1
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (356)
Hash fb374cec73d8fb6550fb303a06181744
01a105755eb216cbfb3e9b506a2130bd1ebc143e
8a4e0aba881c1e720ba1c72edec0cb23820cceb69993acfaad11006b73a5dbc2
GET /?s1=ptt1 HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; expires=Sat, 15-Oct-2022 23:39:58 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; expires=Sat, 15-Oct-2022 23:39:58 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=w2; path=/
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a03506acaa3fbbde4c52324d512a67ac
6cac20cc3367065dfacb1632597f91cb52a3bfa3
3577c42511c3737558fcbdae5f556c03aa04d6b4ae60bee0695a2361df26b955
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3577C42511C3737558FCBDAE5F556C03AA04D6B4AE60BEE0695A2361DF26B955"
Last-Modified: Fri, 14 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3527
Expires: Sat, 15 Oct 2022 22:38:45 GMT
Date: Sat, 15 Oct 2022 21:39:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d3a7a0d85121715a9a3590df07145cd8
7da0f8eba172ed91b10f292054a913b1b33da66d
e77042397dd2555f12bfd9ed17a663845ce9c657c852af3807c90581f91fbb90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 21:39:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 15 Oct 2022 21:07:43 GMT
Expires: Sat, 15 Oct 2022 22:01:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oWOJXYUur-jSeW1bJZRmnoQOL03N0G0PdE5hBNzuHzIFRozlHl-8Sw==
Age: 1935
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d3a7a0d85121715a9a3590df07145cd8
7da0f8eba172ed91b10f292054a913b1b33da66d
e77042397dd2555f12bfd9ed17a663845ce9c657c852af3807c90581f91fbb90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 21:39:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
IP 142.250.74.10:0
Hash 49494d44cc11ac2bc4c7add6c0c9dfea
d109d30b2e1fecd0c23f5eee8d520da228886c27
386c32382b47767db86f9ccac3ef3dccbb7184c852450a3ea4140848a83084c2
GET /css?family=Open+Sans:400,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 15 Oct 2022 21:39:58 GMT
date: Sat, 15 Oct 2022 21:39:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hay.gerl-may.online/landings/7/fonts/vendor.css
193.3.23.32200 OK 9.0 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/fonts/vendor.css
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type ASCII text, with very long lines (8987), with no line terminators
Hash 73f84fc825658b23f306263821a7ee79
68830941b82ab41a08520ff3eaa1b89d5e49566b
95fdeb2654c2d788381c6396982183fabc0fd93bd58e59b7c87b9f015ca7a99d
GET /landings/7/fonts/vendor.css HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:58 GMT
Content-Type: text/css
Content-Length: 8987
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-231b"
accept-ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a03506acaa3fbbde4c52324d512a67ac
6cac20cc3367065dfacb1632597f91cb52a3bfa3
3577c42511c3737558fcbdae5f556c03aa04d6b4ae60bee0695a2361df26b955
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3577C42511C3737558FCBDAE5F556C03AA04D6B4AE60BEE0695A2361DF26B955"
Last-Modified: Fri, 14 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3527
Expires: Sat, 15 Oct 2022 22:38:45 GMT
Date: Sat, 15 Oct 2022 21:39:58 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.190.4101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vxZcdOiH6rGB3iTcsYR7yA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EkYkTW22W7HWFVrwNcYAUp3Op4U=
hay.gerl-may.online/landings/7/js/vendor.js
193.3.23.32200 OK 100 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/js/vendor.js
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dd4a30a1ab95c7702806236b4d9e22ca
4ff0da383c7c4961bed99d758a9ba2ddad2a2462
24ee11716ad7a2f0f6abe3939fa5a51af2445724802dde8cab88bcfabed67a66
Analyzer Verdict Alert fortinet Phishing
GET /landings/7/js/vendor.js HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:58 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 99879
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-18627"
accept-ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 21:39:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hay.gerl-may.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 05:42:51 GMT
expires: Fri, 13 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 230228
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 21:39:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hay.gerl-may.online/landings/7/img/bubble.png
193.3.23.32200 OK 1.4 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/img/bubble.png
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type PNG image data, 200 x 97, 8-bit colormap, non-interlaced\012- data
Hash d5850c0313922788b06ffe65f7ee291a
5c6d9b45272d5f73d62c92cd61679efc6bb6f302
920b0657c1c6089f08bbcd280dbabfab3a904344b223618bebf7f9fa9118f61c
GET /landings/7/img/bubble.png HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hay.gerl-may.online/landings/7/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:59 GMT
Content-Type: image/png
Content-Length: 1405
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-57d"
accept-ranges: bytes
hay.gerl-may.online/landings/7/img/str.png
193.3.23.32200 OK 355 B URL HTTP/1.1 hay.gerl-may.online/landings/7/img/str.png
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type PNG image data, 44 x 20, 8-bit colormap, non-interlaced\012- data
Hash 365b1ce513784609142afd8797860835
fbe90a0e119b79eaf904418ea0b60927acf55be3
cba38b68a7aadac0804c7abe5dba2d87f64d32b7058ccaec27773c9421a6e67d
GET /landings/7/img/str.png HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hay.gerl-may.online/landings/7/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:59 GMT
Content-Type: image/png
Content-Length: 355
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-163"
accept-ranges: bytes
hay.gerl-may.online/landings/7/img/image-2.jpg
193.3.23.32200 OK 2.6 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/img/image-2.jpg
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 101x109, components 3\012- data
Hash ad996819b50eb274e4f22ab2212d115e
4eade4c77df984d51f4e9b1f8fd0899a4dbc0a7c
8b5de54443162e0602a63f03542b4c70d33ba4c8b9a9c58140fa4a1505ddcc98
GET /landings/7/img/image-2.jpg HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:59 GMT
Content-Type: image/jpeg
Content-Length: 2632
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-a48"
accept-ranges: bytes
hay.gerl-may.online/landings/7/img/image-3.jpg
193.3.23.32200 OK 64 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/img/image-3.jpg
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1280, components 3\012- data
Hash aac8fdd1bf68cd777a905eefcc137f0a
9391bd2b34e173d9153591f4ea6a0b9e652d73e1
d3ce623db82ce363f55176815d68d1496c2797dea9df66cf9ff31af67a6f82bc
GET /landings/7/img/image-3.jpg HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:59 GMT
Content-Type: image/jpeg
Content-Length: 63861
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-f975"
accept-ranges: bytes
hay.gerl-may.online/landings/7/img/image-33.jpg
193.3.23.32200 OK 53 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/img/image-33.jpg
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x840, components 3\012- data
Hash 4ce2057d3044d12b662eb861123bb398
4f74857c1ee7a051b83937b6ba5779031cbb83be
641aaf9617415b4adfd17be737834b336f7096a9f6ed01507c3846e13b5cf7df
GET /landings/7/img/image-33.jpg HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:59 GMT
Content-Type: image/jpeg
Content-Length: 52945
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-ced1"
accept-ranges: bytes
hay.gerl-may.online/landings/7/img/image-10.jpg
193.3.23.32200 OK 55 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/img/image-10.jpg
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x899, components 3\012- data
Hash 047ff39ad88a18c04d27e4a74ccfe49b
77996978157eef032da84655900f069c7879221f
6738b26181a94f584d6157e8e115e422e3c6dfa447bb9dd83e154cb973bcc8d2
GET /landings/7/img/image-10.jpg HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:59 GMT
Content-Type: image/jpeg
Content-Length: 54735
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-d5cf"
accept-ranges: bytes
hay.gerl-may.online/landings/7/img/image-8.jpg
193.3.23.32200 OK 28 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/img/image-8.jpg
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 634x743, components 3\012- data
Hash e5cee1bb473dab9619747124c772b2c9
15c006b7b681a8c186253928062d8e1664dfd0b9
69d97687e0e5085de7088b34486c00c114acc4745cd9420960532af662227e91
GET /landings/7/img/image-8.jpg HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:59 GMT
Content-Type: image/jpeg
Content-Length: 28419
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-6f03"
accept-ranges: bytes
hay.gerl-may.online/landings/7/img/image-9.jpg
193.3.23.32200 OK 29 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/img/image-9.jpg
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x746, components 3\012- data
Hash bb3ebab61ec27cf5e47af09feba9ef88
e8f28f632595165f29bfd85440245acfa1f87137
d296e769d2318a1b6a825be105c48141d3dada5f29bf48eb4d299ec048777e5f
GET /landings/7/img/image-9.jpg HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:59 GMT
Content-Type: image/jpeg
Content-Length: 28873
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-70c9"
accept-ranges: bytes
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 39fc4a69467bec1d6b1422b405bc15d8
9fa6a0323f547f0112c6f19a26754a8e8c997985
d2996c331983b1182090f6b179be757bbf25769a4cb1823a031a5ef1a9eea2c7
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 21:40:00 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 19 Oct 2022 20:07:34 GMT
ETag: "9fa6a0323f547f0112c6f19a26754a8e8c997985"
Last-Modified: Sat, 15 Oct 2022 20:07:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1174
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75abb5ecb93bb4f9-OSL
hay.gerl-may.online/landings/7/img/image-32.jpg
193.3.23.32200 OK 93 kB URL HTTP/1.1 hay.gerl-may.online/landings/7/img/image-32.jpg
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1280, components 3\012- data
Hash d3528ea347620f9bb95c2179d7e29938
6d709811cc0aa685b5dcee915527003fa24c815b
62d734baa246ff628b79cb69b8f7ce2ac50a4fe5ad20239d9f89db6338012d46
GET /landings/7/img/image-32.jpg HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:39:59 GMT
Content-Type: image/jpeg
Content-Length: 93109
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:32 GMT
etag: "63469f04-16bb5"
accept-ranges: bytes
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (731)
Hash 64adf2282f72dc350e916cb82af41ab7
d5c10f65a7ac0cce6eb0c78df805965a9a3ad017
4942011d5f3623476ceff936e757245d89ce2af664558a7031497d370a3d3771
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73219
date: Sat, 15 Oct 2022 21:40:00 GMT
access-control-allow-origin: *
etag: "633fab48-11e03"
expires: Sat, 15 Oct 2022 22:40:00 GMT
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16212
Expires: Sun, 16 Oct 2022 02:10:12 GMT
Date: Sat, 15 Oct 2022 21:40:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16212
Expires: Sun, 16 Oct 2022 02:10:12 GMT
Date: Sat, 15 Oct 2022 21:40:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16212
Expires: Sun, 16 Oct 2022 02:10:12 GMT
Date: Sat, 15 Oct 2022 21:40:00 GMT
Connection: keep-alive
hay.gerl-may.online/favicon.ico
193.3.23.32200 OK 0 B URL HTTP/1.1 hay.gerl-may.online/favicon.ico
IP 193.3.23.32:0
ASN #212913 FOP Hornostay Mykhaylo Ivanovych
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: hay.gerl-may.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhUcytIWUdRSDR2UFk0SG5KaWZ5TWc9PSIsInZhbHVlIjoiNWptUzJYYUQ3QnF5dHcyS0xMT2dUSXVsOUxrN0VGQjhiM05pM0I3UDA1V2FqZWFVd0szSm81VjhManFkT2U2WSIsIm1hYyI6ImYxNWE0NGIxZTEyMzVmNzA3ZjE3OTRlNmVmZDczMWNmOTRkOGI3Yzg2NDk0MjgzNjcyODkzMmUxYWQ0NzRhNWMifQ%3D%3D; laravel_session=eyJpdiI6IjJkNXBZZTV4UGl0SlJzbTFCdXg2SHc9PSIsInZhbHVlIjoiRkxFN1JHdjVFQURhZGt3Ri8yQ2Fvd2hVd0VtT0hDZFhuNVlFSjd6WDNLZDJzdEs1eThuV3pRNDkvajkyUXNKNSIsIm1hYyI6ImQwYWQzY2M3YjM1YjU3NTA1MzE5ZDliMDA4Mjg0NjA2MDcxMGY5MGFmMjllNTgxMjI5MjgwNmQ4NmRjNDYzNmUifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 15 Oct 2022 21:40:00 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
last-modified: Wed, 12 Oct 2022 11:03:29 GMT
etag: "63469f01-0"
accept-ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16212
Expires: Sun, 16 Oct 2022 02:10:12 GMT
Date: Sat, 15 Oct 2022 21:40:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16212
Expires: Sun, 16 Oct 2022 02:10:12 GMT
Date: Sat, 15 Oct 2022 21:40:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb91747-1466-4fb0-9c5c-e679a1294f9a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb91747-1466-4fb0-9c5c-e679a1294f9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9460ab18b402041fc437809f09b5ca07
83129b8fcd100f7de5e79f685c8dd49a226fb6bd
bbd9f2db14ede4b5711042f892621aaf6602ccec6be2bee07534b11f2b73e671
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb91747-1466-4fb0-9c5c-e679a1294f9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6248
x-amzn-requestid: 0170ca13-eaee-4645-b3ca-0e3db5067dbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEMw5HMVIAMF2Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2805-272b5ffb16c194ba746d74b6;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: j_4lNMTyv4OcusAoneVKrkThATk6koNEQtWETmY8JrdH_RrpjWhYeQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
etag: "83129b8fcd100f7de5e79f685c8dd49a226fb6bd"
content-type: image/jpeg
age: 171
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4adb9ea6-07d3-4cd7-8e5a-4b9f43b4662d.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4adb9ea6-07d3-4cd7-8e5a-4b9f43b4662d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7def5eab120c634c4324bd93629552f3
b938095d7c5feff5d5c428dfb1d2a23a1a2db3e5
cdb541ee2733431d2fe0cec6c87c8948db48b5247ddb00bb3017f79d6615f2cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4adb9ea6-07d3-4cd7-8e5a-4b9f43b4662d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7110
x-amzn-requestid: df096a12-3744-4b5c-a525-f0a782d4438a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEMu0GCjIAMFjFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b27f8-407b2510647ccbc374e4dac4;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:36:56 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9nXB9PTlDZ8tlZC22Mz4IBqUdoWivuH4qLResfPhdWDLyCzfrAXqlA==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
age: 171
etag: "b938095d7c5feff5d5c428dfb1d2a23a1a2db3e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c5bf7f3-2af5-4e40-a5dc-a596e1c0f04a.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c5bf7f3-2af5-4e40-a5dc-a596e1c0f04a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30232da4d2dc9438982ea90cc10dc912
cace2a97bcc0d2678a3291b82bac8abb61eda167
36a0176591f89a7c754964fb130b49da13cd78c006b4121fb77f7514f521eed5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c5bf7f3-2af5-4e40-a5dc-a596e1c0f04a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7267
x-amzn-requestid: 4b433a90-541f-4733-9435-0ef316859640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEMu0F7roAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b27f8-2a43cdc93330ecc44acc6d69;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Nv4WokO9w-zyFMD88h-a4k0dFKroK5RDtYEmxcQQxNTArUQF4qLdnQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
age: 171
etag: "cace2a97bcc0d2678a3291b82bac8abb61eda167"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 440811a19987ddee099df289d9b61e79
ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1
1309e9dcb36858de70ef82900ec1ad429fbb795ddb9823fd1c290b18f4e2c1a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9623
x-amzn-requestid: b3d5bd8d-111b-4d50-9720-71f72c62f860
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7Q8oFLRIAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347951d-613e5e810f420e4c0ba3e6f6;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 04:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OA9iHADyiam26eo88jYDECifkqeBaTjsuoeHD2YOy0aZJZEGhG-xow==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:22 GMT
age: 158
etag: "ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F223c148f-e76c-4625-8d19-0d3ef6b3ab03.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F223c148f-e76c-4625-8d19-0d3ef6b3ab03.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94dbefe5b048c0bebab2485de87367a1
a0df1068e09270f0b5ab7529dc31cc533a244cdd
e6e10ade9f819cccc5a36790016d41bc5ccb02512075f750afc136486d0fbc2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F223c148f-e76c-4625-8d19-0d3ef6b3ab03.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: b1678079-b51b-4b98-a44c-4024ad28451d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5XFbAIAMF08A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a2-1178963d495ce7232844459d;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PhNaJFavGm6uhnz7Qx7Y8e2dvRedDAKiAIdGlvdIL0BlvGmVRSZlnA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
age: 355
etag: "a0df1068e09270f0b5ab7529dc31cc533a244cdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd94762992136ed2f4d24dd34a745154
2050cee63f8005c5d9ac1a817730ada51b323f34
4548836d8846da958f477e1df952f6da9b9640e204804a7c76194d3e061b90a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7082
x-amzn-requestid: 5e98988f-faad-4e52-a49f-28d5a77b15d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL46HFloAMFSag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b269f-6759e36c79241479181c1d05;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u2l4A1Vt7WLHe9NdaSFyBhwnBo9XfI3n5bXqpv8MGUXl7YaywUknJQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
age: 358
etag: "2050cee63f8005c5d9ac1a817730ada51b323f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 15 Oct 2022 21:40:00 GMT
access-control-allow-origin: *
etag: "633fab48-2b"
expires: Sat, 15 Oct 2022 22:40:00 GMT
accept-ranges: bytes
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/56301838?wmode=7&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A1477%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A595747770255%3Ahid%3A177091635%3Az%3A0%3Ai%3A20221015214002%3Aet%3A1665870003%3Ac%3A1%3Arn%3A516705699%3Arqn%3A1%3Au%3A1665870003959893854%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A61%2C27%2C299%2C1%2C233%2C0%2C%2C848%2C2%2C%2C%2C%2C1521%3Ans%3A1665869999664%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665870003%3At%3ABetter%20than%20dating&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/56301838?wmode=7&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A1477%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A595747770255%3Ahid%3A177091635%3Az%3A0%3Ai%3A20221015214002%3Aet%3A1665870003%3Ac%3A1%3Arn%3A516705699%3Arqn%3A1%3Au%3A1665870003959893854%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A61%2C27%2C299%2C1%2C233%2C0%2C%2C848%2C2%2C%2C%2C%2C1521%3Ans%3A1665869999664%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665870003%3At%3ABetter%20than%20dating&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash a446f4070043975acf8247fe961306f3
759889b68298f85e4d04c00d80e2a013dccf2573
52089a06d009d6deb193e5e526906a4001984a4e3ecb4667b1293abf1dfa7d00
GET /watch/56301838?wmode=7&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A1477%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A595747770255%3Ahid%3A177091635%3Az%3A0%3Ai%3A20221015214002%3Aet%3A1665870003%3Ac%3A1%3Arn%3A516705699%3Arqn%3A1%3Au%3A1665870003959893854%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A61%2C27%2C299%2C1%2C233%2C0%2C%2C848%2C2%2C%2C%2C%2C1521%3Ans%3A1665869999664%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665870003%3At%3ABetter%20than%20dating&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hay.gerl-may.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/56301838/1?wmode=7&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A1477%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A595747770255%3Ahid%3A177091635%3Az%3A0%3Ai%3A20221015214002%3Aet%3A1665870003%3Ac%3A1%3Arn%3A516705699%3Arqn%3A1%3Au%3A1665870003959893854%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A61%2C27%2C299%2C1%2C233%2C0%2C%2C848%2C2%2C%2C%2C%2C1521%3Ans%3A1665869999664%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665870003%3At%3ABetter%20than%20dating&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 15 Oct 2022 21:40:00 GMT
access-control-allow-origin: http://hay.gerl-may.online
set-cookie: yandexuid=7904409151665870000; Expires=Sun, 15-Oct-2023 21:40:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7904409151665870000; Expires=Sun, 15-Oct-2023 21:40:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1274903801665870000; Path=/; SameSite=None; Secure
i=+1iXSX6WE3M4NIgqIR/IqAz0/qnu15yl1dDr+l0twVE26EaQNyhKGU8rXWxu5QcymcJ6rD4bZuHenpzudUbsJyB8u5w=; Expires=Tue, 12-Oct-2032 21:39:57 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1697406000.yrts.1665870000#1697406000.yrtsi.1665870000; Expires=Sun, 15-Oct-2023 21:40:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 15-Oct-2022 21:40:00 GMT
last-modified: Sat, 15-Oct-2022 21:40:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/56301838/1?page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&charset=utf-8&hittoken=1665870000_d62b7583a2aae7803a01314e62ea27bf49fcca3a13ed0a06dc53498e8d6aae21&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A595747770255%3Ahid%3A177091635%3Az%3A0%3Ai%3A20221015214002%3Aet%3A1665870003%3Ac%3A1%3Arn%3A438354142%3Arqn%3A2%3Au%3A1665870003959893854%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2877%2C2877%2C0%2C%3Ans%3A1665869999664%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665870003&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/56301838/1?page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&charset=utf-8&hittoken=1665870000_d62b7583a2aae7803a01314e62ea27bf49fcca3a13ed0a06dc53498e8d6aae21&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A595747770255%3Ahid%3A177091635%3Az%3A0%3Ai%3A20221015214002%3Aet%3A1665870003%3Ac%3A1%3Arn%3A438354142%3Arqn%3A2%3Au%3A1665870003959893854%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2877%2C2877%2C0%2C%3Ans%3A1665869999664%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665870003&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/56301838/1?page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&charset=utf-8&hittoken=1665870000_d62b7583a2aae7803a01314e62ea27bf49fcca3a13ed0a06dc53498e8d6aae21&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A595747770255%3Ahid%3A177091635%3Az%3A0%3Ai%3A20221015214002%3Aet%3A1665870003%3Ac%3A1%3Arn%3A438354142%3Arqn%3A2%3Au%3A1665870003959893854%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2877%2C2877%2C0%2C%3Ans%3A1665869999664%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665870003&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 135
Origin: http://hay.gerl-may.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 15 Oct 2022 21:40:00 GMT
access-control-allow-origin: http://hay.gerl-may.online
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 15-Oct-2022 21:40:00 GMT
last-modified: Sat, 15-Oct-2022 21:40:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/56301838?wmode=0&wv-part=1&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=945855341&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665870005%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214005%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870005&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/56301838?wmode=0&wv-part=1&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=945855341&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665870005%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214005%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870005&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/56301838?wmode=0&wv-part=1&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=945855341&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665870005%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214005%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870005&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7500
Origin: http://hay.gerl-may.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 15 Oct 2022 21:40:03 GMT
access-control-allow-origin: http://hay.gerl-may.online
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 15-Oct-2022 21:40:03 GMT
last-modified: Sat, 15-Oct-2022 21:40:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/56301838?wmode=0&wv-part=1&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=1067360357&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665870005%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214005%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870005&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/56301838?wmode=0&wv-part=1&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=1067360357&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665870005%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214005%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870005&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/56301838?wmode=0&wv-part=1&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=1067360357&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665870005%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214005%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870005&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: http://hay.gerl-may.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 15 Oct 2022 21:40:03 GMT
access-control-allow-origin: http://hay.gerl-may.online
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 15-Oct-2022 21:40:03 GMT
last-modified: Sat, 15-Oct-2022 21:40:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/56301838?wv-check=55434&wv-type=0&wmode=0&wv-part=1&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=932875459&browser-info=gdpr%3A14%3Aet%3A1665870009%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214008%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870009&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/56301838?wv-check=55434&wv-type=0&wmode=0&wv-part=1&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=932875459&browser-info=gdpr%3A14%3Aet%3A1665870009%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214008%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870009&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/56301838?wv-check=55434&wv-type=0&wmode=0&wv-part=1&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=932875459&browser-info=gdpr%3A14%3Aet%3A1665870009%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214008%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870009&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: http://hay.gerl-may.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 15 Oct 2022 21:40:06 GMT
access-control-allow-origin: http://hay.gerl-may.online
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 15-Oct-2022 21:40:06 GMT
last-modified: Sat, 15-Oct-2022 21:40:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/56301838?wmode=0&wv-part=2&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=1069018956&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665870009%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214008%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870009&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/56301838?wmode=0&wv-part=2&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=1069018956&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665870009%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214008%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870009&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/56301838?wmode=0&wv-part=2&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=1069018956&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1665870009%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214008%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870009&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: http://hay.gerl-may.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 15 Oct 2022 21:40:06 GMT
access-control-allow-origin: http://hay.gerl-may.online
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 15-Oct-2022 21:40:06 GMT
last-modified: Sat, 15-Oct-2022 21:40:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/56301838?wmode=0&wv-part=2&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=141500549&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665870009%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214008%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870009&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/56301838?wmode=0&wv-part=2&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=141500549&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665870009%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214008%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870009&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/56301838?wmode=0&wv-part=2&wv-hit=177091635&page-url=http%3A%2F%2Fhay.gerl-may.online%2F%3Fs1%3Dptt1&rn=141500549&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1665870009%3Aw%3A1268x939%3Av%3A912%3Az%3A0%3Ai%3A20221015214008%3Au%3A1665870003959893854%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Awe%3A1%3Ast%3A1665870009&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: http://hay.gerl-may.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 15 Oct 2022 21:40:06 GMT
access-control-allow-origin: http://hay.gerl-may.online
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 15-Oct-2022 21:40:06 GMT
last-modified: Sat, 15-Oct-2022 21:40:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
svntrk.com/assets/ptt1_634b28ae30230.js
172.67.197.110200 OK 0 B URL HTTP/2 svntrk.com/assets/ptt1_634b28ae30230.js
IP 172.67.197.110:0
GET /assets/ptt1_634b28ae30230.js HTTP/1.1
Host: svntrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 21:39:58 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: svnimp=634b28ae95f5f; path=/; secure; httponly; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaux2yJ8vSSYx5dIZlbosDOWhF6hIMnHUPAyTwR4PhT5sCPNDwLt%2BYg9xQ1QNWxKtWX0dJAqUDeJzCu8F7UfPc5OQ41RlFWZVscQ2w0Rg3eL7Ai8I8%2FfEMdQIWPC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75abb5e22907b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2