admin09.ulcraft.com/
185.129.100.126200 OK 1.8 kB IP 185.129.100.126:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (326)
Hash d375f4975586e260ef12149cf055af94
4c33b4a70c54f2d14448e56aebf4d940ffcb4d47
e861bae328462ff4670abd0bed923c18f7184ad01862ab91cf117580430dacf5
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z; Domain=.ulcraft.com; HttpOnly; Path=/; Expires=Thu, 14-Dec-2023 19:59:33 GMT
Date: Wed, 14 Dec 2022 19:59:33 GMT
Content-Type: text/html; charset=utf-8
X-Powered-By: Express
Vary: Accept-Encoding
Content-Encoding: gzip
x-cms: ukit
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13714
Expires: Wed, 14 Dec 2022 23:48:07 GMT
Date: Wed, 14 Dec 2022 19:59:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5497
Expires: Wed, 14 Dec 2022 21:31:10 GMT
Date: Wed, 14 Dec 2022 19:59:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 51bd0cc75ed746fd33c950eb12936b7e
4a1007ea6c6e4f5e8b4a7d1f85f7a3e329dc8f50
188d4a0d544f40048dc7476cb4f5e478f1eb49a8ef1d51699fb155d2ae258655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188D4A0D544F40048DC7476CB4F5E478F1EB49A8EF1D51699FB155D2AE258655"
Last-Modified: Tue, 13 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3040
Expires: Wed, 14 Dec 2022 20:50:14 GMT
Date: Wed, 14 Dec 2022 19:59:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 19:33:50 GMT
content-type: application/json
age: 1544
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fu3pEGRZok7fEfwST4ugwdBG3WepQjhf/YpT+m5mhjuXtxDFejli2m+UuASWJ2LWlt61Phlk1OzRpE8INSnOfw==
x-amz-request-id: 4R40B5E6VSMHBQ0Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 19:50:38 GMT
age: 536
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 19:59:34 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
admin09.ulcraft.com/css/lib/bootstrap.css
185.129.100.126200 OK 6.3 kB URL HTTP/1.1 admin09.ulcraft.com/css/lib/bootstrap.css
IP 185.129.100.126:0
File type assembler source, ASCII text, with very long lines (540)
Hash 989306c104f96f9bdc5329d8fe5e323b
60aaff51c895d8c5a38cdaecca82d9fcdf6c7df6
015960bb703793ffed9b6b0ac9bbf0349f992780106f83b773b8487def82a549
GET /css/lib/bootstrap.css HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Dec 2016 14:14:05 GMT
Cache-Control: max-age=3600, must-revalidate, public
Content-Encoding: gzip
Etag: "5848192d-66cd"
Age: 0
Content-Length: 6327
DDG-Cache-Status: MISS,MISS
admin09.ulcraft.com/css/markup/system_messages.css
185.129.100.126200 OK 673 B URL HTTP/1.1 admin09.ulcraft.com/css/markup/system_messages.css
IP 185.129.100.126:0
Hash d8a007a81a6232cf3a82d98797a940d1
f425a5eac59d8498448f28d11765ebab51a3dd44
bb76f451db0b483d8d4a34cb451bb992e3190226e600601b8f7ac560423d7e5d
GET /css/markup/system_messages.css HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: text/css
Last-Modified: Wed, 19 Dec 2018 09:22:13 GMT
ETag: W/"5c1a0dc5-64b"
Cache-Control: max-age=3600, must-revalidate, public
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
admin09.ulcraft.com/js/lib/requirejs.min.js?v=2022_11_28T18_26_47_03_00_45f414d5e71bea78b691789e6737e328ad90708e
185.129.100.126200 OK 6.8 kB URL HTTP/1.1 admin09.ulcraft.com/js/lib/requirejs.min.js?v=2022_11_28T18_26_47_03_00_45f414d5e71bea78b691789e6737e328ad90708e
IP 185.129.100.126:0
File type ASCII text, with very long lines (539)
Hash 5236e873c9602915dc72a239a519f781
d5055e1cccd1279d6edac60080f842b073b042f0
37bfbf2aa307866ba8287d4529ac27ed2d47b384ef570cf559bb601ee85390c4
Analyzer Verdict Alert fortinet Phishing
GET /js/lib/requirejs.min.js?v=2022_11_28T18_26_47_03_00_45f414d5e71bea78b691789e6737e328ad90708e HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 07 Dec 2016 14:14:06 GMT
Cache-Control: max-age=3600, must-revalidate, public
Content-Encoding: gzip
Etag: "5848192e-3b81"
Age: 0
Content-Length: 6830
DDG-Cache-Status: MISS,MISS
admin09.ulcraft.com/js/requireConf.js?v=2022_11_28T18_26_47_03_00_45f414d5e71bea78b691789e6737e328ad90708e
185.129.100.126200 OK 12 kB URL HTTP/1.1 admin09.ulcraft.com/js/requireConf.js?v=2022_11_28T18_26_47_03_00_45f414d5e71bea78b691789e6737e328ad90708e
IP 185.129.100.126:0
File type ASCII text, with very long lines (32065)
Hash 00e6044ebe60a22132b786b1482f9bef
9799e59d5036c192b13115b6b1d6d86566d717ae
45f783a63f2904f7a2cec49953c2b7edbe738a70276ad9682f845566010bc617
Analyzer Verdict Alert fortinet Phishing
GET /js/requireConf.js?v=2022_11_28T18_26_47_03_00_45f414d5e71bea78b691789e6737e328ad90708e HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 28 Nov 2022 15:32:11 GMT
Cache-Control: max-age=3600, must-revalidate, public
Content-Encoding: gzip
Etag: "6384d47b-d5f3"
Age: 0
Content-Length: 11958
DDG-Cache-Status: MISS,MISS
admin09.ulcraft.com/css/base.css
185.129.100.126200 OK 44 kB URL HTTP/1.1 admin09.ulcraft.com/css/base.css
IP 185.129.100.126:0
File type Unicode text, UTF-8 text, with very long lines (2834)
Hash 0b6eb8a40c0da425d85ff66dc64cd4e6
b4662b8c1778e8a58874eb60ae35f932cbbc30ca
b950b29505521cb642dcaa0007b53123fcfd9e97f0ccdabb290501651a262af3
GET /css/base.css HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Dec 2021 16:23:20 GMT
ETag: W/"61cb39f8-49b89"
Cache-Control: max-age=3600, must-revalidate, public
Content-Encoding: gzip
Age: 0
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked
fast.fonts.net/t/1.css?apiType=css&projectid=eaf19cf5-485d-41eb-803b-07b10d75c4ce
104.17.224.78200 OK 0 B URL HTTP/1.1 fast.fonts.net/t/1.css?apiType=css&projectid=eaf19cf5-485d-41eb-803b-07b10d75c4ce
IP 104.17.224.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=eaf19cf5-485d-41eb-803b-07b10d75c4ce HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 0
Connection: keep-alive
x-amz-id-2: bzV0pWVfLz+LWRsQv/Qpm72iJjb2l831T0zWi8cqrGD2AUp1EJKA5KJXu+2WRrKQF3UYyLzV2us=
x-amz-request-id: FY36410WVG2DNM9K
Last-Modified: Tue, 23 Mar 2021 12:59:23 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Cache-Control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
CF-Cache-Status: HIT
Age: 210936
Accept-Ranges: bytes
Set-Cookie: __cf_bm=ni_Z2dONSkzdrjxDMwRY2dxLKmmKmG862T_AAS.x.98-1671047974-0-ASVl9j5ZCCSKzIw8Pfo5xQPSf+4Et1xu9+/hfE5AuN35G4QU03N+S93Uu3+iL2oa9BwR6F6IgGTmz9yNelEmR0c=; path=/; expires=Wed, 14-Dec-22 20:29:34 GMT; domain=.fonts.net; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7799854f394efabc-OSL
admin09.ulcraft.com/img/markup/locked.png
185.129.100.126200 OK 2.5 kB URL HTTP/1.1 admin09.ulcraft.com/img/markup/locked.png
IP 185.129.100.126:0
File type PNG image data, 90 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash f8f10edeb00e43ee59948db6a036e3f1
0b883ec8c07fc060c26cc7cf4c9a56e1f038a71a
2fbae599d32f01942b7ef1f5e495d281f0c4c8f933f1cbff297d6633efb5c874
GET /img/markup/locked.png HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: image/png
Content-Length: 2474
Last-Modified: Wed, 07 Dec 2016 14:14:05 GMT
Cache-Control: max-age=3600, must-revalidate, public
Accept-Ranges: bytes
Etag: "5848192d-9aa"
Age: 0
DDG-Cache-Status: MISS,MISS
admin09.ulcraft.com/fonts/baseFont/8b1d5802-f86f-4cc1-95a8-261eabda1d22.woff2
185.129.100.126200 OK 50 kB URL HTTP/1.1 admin09.ulcraft.com/fonts/baseFont/8b1d5802-f86f-4cc1-95a8-261eabda1d22.woff2
IP 185.129.100.126:0
File type Web Open Font Format (Version 2), TrueType, length 50516, version 1.0\012- data
Hash c87bf145d04b5f12c4d6c9605648df6e
3e68a9dc8b5220999175b00279e4b7b5849c1809
bfcc1ef464c127eb2db10bffe6543d295ba77867bc941688a7632ef2bb61f715
Analyzer Verdict Alert fortinet Phishing
GET /fonts/baseFont/8b1d5802-f86f-4cc1-95a8-261eabda1d22.woff2 HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://admin09.ulcraft.com/css/base.css
Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: application/octet-stream
Content-Length: 50516
Last-Modified: Wed, 07 Dec 2016 14:14:05 GMT
ETag: "5848192d-c554"
Cache-Control: max-age=3600, must-revalidate, public
Accept-Ranges: bytes
Age: 0
DDG-Cache-Status: MISS,MISS
admin09.ulcraft.com/fonts/baseFont/61f9ec25-f5d7-431f-9606-553aa690b3ae.woff2
185.129.100.126200 OK 65 kB URL HTTP/1.1 admin09.ulcraft.com/fonts/baseFont/61f9ec25-f5d7-431f-9606-553aa690b3ae.woff2
IP 185.129.100.126:0
File type Web Open Font Format (Version 2), TrueType, length 64568, version 1.0\012- data
Hash 75ed6d762f5ce8c65a21cf34b6e86af2
a155b313c25af1714fee0ec9fd8d09c58f5b0858
9ae3d3dd91a31ac82260abb8099316a57314a9a3366f3a121cbcca64753aee2c
Analyzer Verdict Alert fortinet Phishing
GET /fonts/baseFont/61f9ec25-f5d7-431f-9606-553aa690b3ae.woff2 HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://admin09.ulcraft.com/css/base.css
Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: application/octet-stream
Content-Length: 64568
Last-Modified: Wed, 07 Dec 2016 14:14:05 GMT
ETag: "5848192d-fc38"
Cache-Control: max-age=3600, must-revalidate, public
Accept-Ranges: bytes
Age: 0
DDG-Cache-Status: MISS,MISS
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.65.229200 OK 86 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.65.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash 8d95130f070f0c763b244fda35c7935c
4f6fb9e89d060f04f07ce1e5a8988e9353c5c97d
9509634071c38a10d37884473fb589b330c9a1bb125c978c4d65def8a689df27
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.253.0
x-jsd-version-type: version
etag: W/"34dc7-QN+lYHnjJ+PpkS6+fgpqfPCXGHE"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 14 Dec 2022 19:59:34 GMT
age: 5689
x-served-by: cache-fra-eddf8230060-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85649
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Wed, 14 Dec 2022 18:23:15 GMT
Expires: Wed, 14 Dec 2022 20:23:15 GMT
Cache-Control: public, max-age=7200
Age: 5779
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 091c10588293a8b2e464d505c27bc7e3
6133cf178b51d0438a106229478b822ceedd791e
a3894c765e1c1b66a198848e2edfee2b5eda86cd0639758764ee696fc9e6ec85
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "615BC52FC8BB379E6891069492479AF52B2A4D74"
Expires: Thu, 15 Dec 2022 06:00:00 GMT
Last-Modified: Wed, 14 Dec 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2672
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77998550be4e1bfa-OSL
admin09.ulcraft.com/favicon.ico
185.129.100.126200 OK 619 B URL HTTP/1.1 admin09.ulcraft.com/favicon.ico
IP 185.129.100.126:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash c487dce6d34aaa1d26df5d7d71ccd7ef
54a7b83a66dee179651d64252e7b799eb0d324e4
b8a6bc3d0818547437834864a4f9791adfcc542ecdf622dd804629a3d06f7b25
GET /favicon.ico HTTP/1.1
Host: admin09.ulcraft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Cookie: __ddg1_=83vy1UwtjZMJoqssSF5z
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 09 Aug 2016 14:07:32 GMT
Cache-Control: max-age=3600, must-revalidate, public
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "57a9e3a4-1536"
Age: 0
Content-Length: 619
DDG-Cache-Status: MISS,MISS
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0ee0c469970516bf6d255dafb0bd1225
884a347c2db0f220ce35dae3a64b1525ddbc3fa4
ff8285413954679ea64613c021380586779d139c7e0ccb6595f9efe3f1ae7e1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 19:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 19:33:20 GMT
age: 1574
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1270490348&t=pageview&_s=1&dl=http%3A%2F%2Fadmin09.ulcraft.com%2F&ul=en-us&de=UTF-8&dt=uKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=91177848&gjid=838362861&cid=1009403408.1671047972&tid=UA-57440954-55&_gid=222185108.1671047972&_r=1&_slc=1&z=245371805
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1270490348&t=pageview&_s=1&dl=http%3A%2F%2Fadmin09.ulcraft.com%2F&ul=en-us&de=UTF-8&dt=uKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=91177848&gjid=838362861&cid=1009403408.1671047972&tid=UA-57440954-55&_gid=222185108.1671047972&_r=1&_slc=1&z=245371805
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&a=1270490348&t=pageview&_s=1&dl=http%3A%2F%2Fadmin09.ulcraft.com%2F&ul=en-us&de=UTF-8&dt=uKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=91177848&gjid=838362861&cid=1009403408.1671047972&tid=UA-57440954-55&_gid=222185108.1671047972&_r=1&_slc=1&z=245371805 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://admin09.ulcraft.com
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://admin09.ulcraft.com
date: Wed, 14 Dec 2022 19:59:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0ee0c469970516bf6d255dafb0bd1225
884a347c2db0f220ce35dae3a64b1525ddbc3fa4
ff8285413954679ea64613c021380586779d139c7e0ccb6595f9efe3f1ae7e1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 19:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash fcfedc3f64b4e00c6f3013ea90426557
04b3014954e131ac85bb487e6b7f2a4b3dee393a
6d4f989215c0eeb752fd5a994291366707ffc210082cd230f2ffd422196c8ba7
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 19:59:34 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 18 Dec 2022 18:45:23 GMT
ETag: "04b3014954e131ac85bb487e6b7f2a4b3dee393a"
Last-Modified: Wed, 14 Dec 2022 18:45:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 776
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7799855288bb1bfa-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 210b7a2584ae55362c4b582e325f37f7
5f1982f961f1c5db96bbb66af075bab3cb535963
cb3767debad90cb8a34ce287de194cdb2a4f7146e7b51560fd2e0eb11fbfbc2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5218
Cache-Control: max-age=138860
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 19:59:34 GMT
Etag: "63999230-1d7"
Expires: Fri, 16 Dec 2022 10:33:54 GMT
Last-Modified: Wed, 14 Dec 2022 09:06:56 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 43
date: Wed, 14 Dec 2022 19:59:34 GMT
access-control-allow-origin: *
etag: "63933377-2b"
expires: Wed, 14 Dec 2022 20:59:34 GMT
accept-ranges: bytes
last-modified: Fri, 09 Dec 2022 16:09:11 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/62223091/1?wmode=7&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A604%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A928269186825%3Ahid%3A529956874%3Az%3A0%3Ai%3A20221214195932%3Aet%3A1671047972%3Ac%3A1%3Arn%3A1046578209%3Arqn%3A1%3Au%3A1671047972423165711%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C26%2C103%2C1%2C-4%2C0%2C%2C434%2C1%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671047971241%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671047972%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 433 B URL HTTP/2 mc.yandex.ru/watch/62223091/1?wmode=7&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A604%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A928269186825%3Ahid%3A529956874%3Az%3A0%3Ai%3A20221214195932%3Aet%3A1671047972%3Ac%3A1%3Arn%3A1046578209%3Arqn%3A1%3Au%3A1671047972423165711%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C26%2C103%2C1%2C-4%2C0%2C%2C434%2C1%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671047971241%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671047972%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (433), with no line terminators
Hash 2c443720c9f8c612917beacb05394fe7
1a44af18712a537e5112c313cfbbd3937a7bd513
82e3421ad99fa93509907f4a839918b319822bad58f49a82149c49ffef666446
GET /watch/62223091/1?wmode=7&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A604%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A928269186825%3Ahid%3A529956874%3Az%3A0%3Ai%3A20221214195932%3Aet%3A1671047972%3Ac%3A1%3Arn%3A1046578209%3Arqn%3A1%3Au%3A1671047972423165711%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C26%2C103%2C1%2C-4%2C0%2C%2C434%2C1%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671047971241%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671047972%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://admin09.ulcraft.com
Referer: http://admin09.ulcraft.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 433
date: Wed, 14 Dec 2022 19:59:34 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://admin09.ulcraft.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 14-Dec-2022 19:59:34 GMT
last-modified: Wed, 14-Dec-2022 19:59:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.31.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.31.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IK3sFu/4ovTnW8C3hocvMQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sOZzeD2VILdTwZVrxHLPQrb6mE0=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7433
Expires: Wed, 14 Dec 2022 22:03:29 GMT
Date: Wed, 14 Dec 2022 19:59:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7433
Expires: Wed, 14 Dec 2022 22:03:29 GMT
Date: Wed, 14 Dec 2022 19:59:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7433
Expires: Wed, 14 Dec 2022 22:03:29 GMT
Date: Wed, 14 Dec 2022 19:59:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7433
Expires: Wed, 14 Dec 2022 22:03:29 GMT
Date: Wed, 14 Dec 2022 19:59:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ac93518c-b2e1-4995-9152-11c30c05cc9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9h4oHmiIAMFXQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639549d0-5180e10e467c4c4c5e7fd1f4;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YHHaFWjmRFuBvcFQ6orltY_4JuQEcHhfyjxHO3-XZduh_hEGfPcPoA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 03:59:04 GMT
age: 57632
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8b0477fb90d103e2155bbf7ab47d877
ab668e755bd742b165fa3ba46a4c486c616a7ff6
40e2282cf64da6034f73a2ff0c0d060550caa364244d5bdf282d2f54719d48ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4703
x-amzn-requestid: 975cb427-5feb-4c36-bcfe-bed0cc9bd3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czpW4Hh4IAMFeRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639155c5-63d6d97371f11d6012edae68;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BouIqIrg_vfxBH0weDXiqoEBcSV8_d4qDVB3Er5PeIrZz249iHdqGQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Dec 2022 05:29:25 GMT
age: 52211
etag: "ab668e755bd742b165fa3ba46a4c486c616a7ff6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3acfbf939eab432007f8315f2376f563
e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c
d02ae4fa55f6ba4b1ca2186eb31a40018eada1e1491efdc4a95ffba4c35afa07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5108
x-amzn-requestid: cba619a3-ef9a-420b-b280-2b53608aad53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpL0G93IAMF59Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef18-7cc4f81a16016a8d63156bff;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3JmSN0RECaKzxPmndCUHm_4YLojawf7kw8A43yj1h1IfuZQKsVl6eg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:56:32 GMT
age: 79384
etag: "e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/62223091?wmode=7&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A604%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A928269186825%3Ahid%3A529956874%3Az%3A0%3Ai%3A20221214195932%3Aet%3A1671047972%3Ac%3A1%3Arn%3A1046578209%3Arqn%3A1%3Au%3A1671047972423165711%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C26%2C103%2C1%2C-4%2C0%2C%2C434%2C1%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671047971241%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671047972%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 13 kB URL HTTP/2 mc.yandex.ru/watch/62223091?wmode=7&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A604%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A928269186825%3Ahid%3A529956874%3Az%3A0%3Ai%3A20221214195932%3Aet%3A1671047972%3Ac%3A1%3Arn%3A1046578209%3Arqn%3A1%3Au%3A1671047972423165711%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C26%2C103%2C1%2C-4%2C0%2C%2C434%2C1%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671047971241%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671047972%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ddda117cee658be4cfe3a5d04a88c46
a167e2211732837cf07b3b9a0b33610492ab8a47
bc5fae9d44914c804f82d1e0f90a01fe14d86063da59292bf78100f539b3f7a8
GET /watch/62223091?wmode=7&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A604%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A928269186825%3Ahid%3A529956874%3Az%3A0%3Ai%3A20221214195932%3Aet%3A1671047972%3Ac%3A1%3Arn%3A1046578209%3Arqn%3A1%3Au%3A1671047972423165711%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C26%2C103%2C1%2C-4%2C0%2C%2C434%2C1%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671047971241%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671047972%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://admin09.ulcraft.com
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/62223091/1?wmode=7&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A604%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A928269186825%3Ahid%3A529956874%3Az%3A0%3Ai%3A20221214195932%3Aet%3A1671047972%3Ac%3A1%3Arn%3A1046578209%3Arqn%3A1%3Au%3A1671047972423165711%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C26%2C103%2C1%2C-4%2C0%2C%2C434%2C1%2C%2C%2C%2C604%3Aco%3A0%3Ans%3A1671047971241%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1671047972%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 14 Dec 2022 19:59:34 GMT
access-control-allow-origin: http://admin09.ulcraft.com
set-cookie: yabs-sid=825769191671047974; Path=/; SameSite=None; Secure
i=XIK5k/vf3Bu0ESZ87VKNQFmBOc8sRzsLTlmPcp9mHLsdS33IIGPnYlCbwXrsKb84eEIZPwFeOWrNUlr8+SKzIzRTrrw=; Expires=Sat, 11-Dec-2032 19:59:32 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=484815801671047974; Expires=Thu, 14-Dec-2023 19:59:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=484815801671047974; Expires=Thu, 14-Dec-2023 19:59:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702583974.yc.1671047974#1702583974.yrts.1671047974#1702583974.yrtsi.1671047974; Expires=Thu, 14-Dec-2023 19:59:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 14-Dec-2022 19:59:34 GMT
last-modified: Wed, 14-Dec-2022 19:59:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25e5932a6449b859223367ce1e67e59c
5d2ea71d4f0d952d665586bdf32ed0e88c605af6
160021eb4b65b4720d90337bf46bfc3c5b317b2ec406ba377c9368a11c56f629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12046
x-amzn-requestid: 53e890e7-eaa7-434d-bcde-4a1e60b5b6b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGqNWEhooAMFZxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398f0bb-0282299f7b644bbd2b65c079;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XJelUmwr6ECrVewxG3xTG9Zfvy0dUgxkP6FhPndIJ43i3iK6yrJZsw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:56:34 GMT
age: 79382
etag: "5d2ea71d4f0d952d665586bdf32ed0e88c605af6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027a9fc390a10242c7389ac20d8be93a
9bc06ec4c13fd3f14bde06387d56814f2a886a88
8ef7b73d6657c8d5cfd26fcad97b82f0acd21637d7ee8af84688295ffca85093
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79a2c580-94e2-4dbb-9a82-9c5b12a9ecfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4041
x-amzn-requestid: 5f92302c-f41f-46a4-9283-2c5d49c3c282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpc2Gl5IAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef85-54bd3ad3579e0d081e17b206;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RuZ47uh2aq0Ib0ZGmC7gBooDauMtzuzRZspYkVePk5lFecEIrgTqFw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:57:03 GMT
age: 79353
etag: "9bc06ec4c13fd3f14bde06387d56814f2a886a88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=1&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=247373547&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1671047975%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195934%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047975&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=1&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=247373547&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1671047975%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195934%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047975&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wmode=0&wv-part=1&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=247373547&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1671047975%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195934%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047975&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4989
Origin: http://admin09.ulcraft.com
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 14 Dec 2022 19:59:37 GMT
access-control-allow-origin: http://admin09.ulcraft.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 14-Dec-2022 19:59:37 GMT
last-modified: Wed, 14-Dec-2022 19:59:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=1&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=436779623&wv-type=3&browser-info=we%3A1%3Aet%3A1671047975%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195935%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047975&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=1&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=436779623&wv-type=3&browser-info=we%3A1%3Aet%3A1671047975%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195935%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047975&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wmode=0&wv-part=1&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=436779623&wv-type=3&browser-info=we%3A1%3Aet%3A1671047975%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195935%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047975&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: http://admin09.ulcraft.com
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 14 Dec 2022 19:59:37 GMT
access-control-allow-origin: http://admin09.ulcraft.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 14-Dec-2022 19:59:37 GMT
last-modified: Wed, 14-Dec-2022 19:59:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wv-check=4456&wv-type=0&wmode=0&wv-part=1&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=960122284&browser-info=we%3A1%3Aet%3A1671047980%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195940%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047980&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wv-check=4456&wv-type=0&wmode=0&wv-part=1&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=960122284&browser-info=we%3A1%3Aet%3A1671047980%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195940%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047980&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wv-check=4456&wv-type=0&wmode=0&wv-part=1&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=960122284&browser-info=we%3A1%3Aet%3A1671047980%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195940%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047980&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: http://admin09.ulcraft.com
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 14 Dec 2022 19:59:42 GMT
access-control-allow-origin: http://admin09.ulcraft.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 14-Dec-2022 19:59:42 GMT
last-modified: Wed, 14-Dec-2022 19:59:42 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=2&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=905860062&wv-type=3&browser-info=we%3A1%3Aet%3A1671047980%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195940%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047980&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=2&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=905860062&wv-type=3&browser-info=we%3A1%3Aet%3A1671047980%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195940%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047980&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wmode=0&wv-part=2&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=905860062&wv-type=3&browser-info=we%3A1%3Aet%3A1671047980%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195940%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047980&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: http://admin09.ulcraft.com
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 14 Dec 2022 19:59:42 GMT
access-control-allow-origin: http://admin09.ulcraft.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 14-Dec-2022 19:59:42 GMT
last-modified: Wed, 14-Dec-2022 19:59:42 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=2&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=521316525&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1671047980%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195940%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047980&t=gdpr(14)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=2&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=521316525&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1671047980%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195940%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047980&t=gdpr(14)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wmode=0&wv-part=2&wv-hit=529956874&page-url=http%3A%2F%2Fadmin09.ulcraft.com%2F&rn=521316525&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1671047980%3Aw%3A1280x939%3Av%3A943%3Az%3A0%3Ai%3A20221214195940%3Au%3A1671047972423165711%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Ast%3A1671047980&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: http://admin09.ulcraft.com
Connection: keep-alive
Referer: http://admin09.ulcraft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 14 Dec 2022 19:59:42 GMT
access-control-allow-origin: http://admin09.ulcraft.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 14-Dec-2022 19:59:42 GMT
last-modified: Wed, 14-Dec-2022 19:59:42 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2