topcash.buzz/vw4c
92.118.149.87 301 Moved Permanently 169 B IP 92.118.149.87:0
ASN #204957 Green Floid LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1d7e105f6929fa04f2ec0e8cc2bf18d3
9259ce376f72bf5861e0b455712baca565235602
9e5fe1fc9fb5e65dbb0af3bc4fcd3443a2dbf812bcd75f2bf7b17c3d7524b8fe
GET /vw4c HTTP/1.1
Host: topcash.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.0
Date: Thu, 22 Sep 2022 21:36:30 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://topcash.buzz/vw4c
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 21:14:03 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ckGo2g1WWqg8uKhgLcNIg-inU449s_rowITEyyi845tIeBJvJt16ZA==
Age: 1347
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16357
Expires: Fri, 23 Sep 2022 02:09:07 GMT
Date: Thu, 22 Sep 2022 21:36:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LMhCMA90bNI8KxiqGhwLzrFKs3fJo4GvBVKuCuWOJ6JXu4Rx9ydb6w==
age: 61276
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a4aa99a3a2fa503c9ee363076f48b6d9
ed9c58b07364c30f308863b08bcf9cffa6abf443
db47ce2fe9cc3026839239612206a5fbe67ea664211e8667363eff302fa87064
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB47CE2FE9CC3026839239612206A5FBE67EA664211E8667363EFF302FA87064"
Last-Modified: Tue, 20 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21577
Expires: Fri, 23 Sep 2022 03:36:07 GMT
Date: Thu, 22 Sep 2022 21:36:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 21:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 21:11:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JiZRpuHnM76u9almuXj_Xl_XMzTUAJyzcgQMlL3iQYP9J73ejSHw9A==
Age: 1989
topcash.buzz/vw4c
92.118.149.87 302 Found 0 B IP 92.118.149.87:0
ASN #204957 Green Floid LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vw4c HTTP/1.1
Host: topcash.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.20.0
Date: Thu, 22 Sep 2022 21:36:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.29-1~deb10u1
Access-Control-Allow-Origin: *
Set-Cookie: qwerty_vw4c=0; expires=Tue, 27-Sep-2022 01:36:31 GMT; Max-Age=360000; path=/
Location: https://news-fiwosu.cc/tds.php?sid=8049633&p1=&fullscreen=1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:36:31 GMT
Last-Modified: Thu, 22 Sep 2022 20:28:11 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
zerossl.ocsp.sectigo.com/
172.64.155.188 200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash dab25249a7cbe208bafe0b4cadb597de
6d55b0a14b018ae910cf25ffd5ec3b57ad6cb334
659250c0dfc10de46e3907d4d2f2b68e9df9d996508ed301ca6c524b2de01491
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 21:36:31 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 06:48:30 GMT
Expires: Thu, 29 Sep 2022 06:48:29 GMT
Etag: "6d55b0a14b018ae910cf25ffd5ec3b57ad6cb334"
Cache-Control: max-age=550917,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ee2d334f3a1c16-OSL
news-fiwosu.cc/revopush.js?v=4
149.7.16.209 200 OK 8.9 kB URL HTTP/2 news-fiwosu.cc/revopush.js?v=4
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (8922), with no line terminators
Hash 51014cabdb246e54c6fe1c7864225e81
04390aa362cc51c8f3aa848e5f1a11b3f9ba2751
32da65acc9ea9ff95f364751b4855731358710ebeb6b25d863a1c5d02dc73bd1
GET /revopush.js?v=4 HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: application/javascript
content-length: 8922
last-modified: Mon, 29 Aug 2022 09:05:32 GMT
etag: "630c815c-22da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/css/style.css
149.7.16.209 200 OK 5.8 kB URL HTTP/2 news-fiwosu.cc/lands/55/css/style.css
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
Hash b6a33a3121e10f9ea6be914c5314e820
7629ff4c2cd0fe40891d175af1832c39b35546cb
75bd2521f24049f7d3011558d138c207fdd70ba86b4d0339110084e766e7e8ff
GET /lands/55/css/style.css HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: text/css
content-length: 5780
last-modified: Tue, 05 Oct 2021 11:04:06 GMT
etag: "615c3126-1694"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/js/device.js
149.7.16.209 200 OK 7.4 kB URL HTTP/2 news-fiwosu.cc/lands/55/js/device.js
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document, ASCII text
Hash 46ce7a0522431a9a972b55b01bf0c1f1
263694d7c99de62fb4e9f4e9215ec9df92f16dc2
8b4fd7bcadd8d9e95b7aebae2f7b233dab0453cc931ba13add8a313dc3c61033
GET /lands/55/js/device.js HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: application/javascript
content-length: 7364
last-modified: Fri, 15 Jan 2016 03:04:12 GMT
etag: "569861ac-1cc4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/images/pc-header.jpg
149.7.16.209 200 OK 78 kB URL HTTP/2 news-fiwosu.cc/lands/55/images/pc-header.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3\012- data
Hash 7b5471d796895489e8526d789b9d40f6
0239e9afbff1cf03adb273fd5b24e68f17f52659
f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac
GET /lands/55/images/pc-header.jpg HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 05 Oct 2021 10:31:11 GMT
etag: "615c296f-1310a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/images/mobile-header.jpg
149.7.16.209 200 OK 16 kB URL HTTP/2 news-fiwosu.cc/lands/55/images/mobile-header.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3\012- data
Hash cd2599ebcf088e38b0136da54be6056b
831aa894f796523bb13da5295773fad0adf08a43
bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a
GET /lands/55/images/mobile-header.jpg HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/jpeg
content-length: 15684
last-modified: Tue, 05 Oct 2021 10:12:32 GMT
etag: "615c2510-3d44"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/images/spinning-circles2.svg
149.7.16.209 200 OK 503 B URL HTTP/2 news-fiwosu.cc/lands/55/images/spinning-circles2.svg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
GET /lands/55/images/spinning-circles2.svg HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Fri, 20 Aug 2021 11:10:37 GMT
etag: "611f8dad-1f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.160.31 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.160.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NIbaY1RNeDzOCi50xZZ0Iw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AbgWGrAIMgaT/PP3weoXSX5ASsU=
news-fiwosu.cc/sw.js
149.7.16.209 200 OK 4.0 kB IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (3964), with no line terminators
Hash 7c60cc903a18857a61023bde734a757b
d53632ffe44847e798eeb6fcaacc3b3584e4a23d
dff87b88fb2ffccdadc8d3c04ffe475d848247456fa7c5b95328ccc14e7a48ea
GET /sw.js HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: application/javascript
content-length: 3964
last-modified: Tue, 30 Aug 2022 09:40:34 GMT
etag: "630ddb12-f7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/images/pc-sidebar.jpg
149.7.16.209 200 OK 163 kB URL HTTP/2 news-fiwosu.cc/lands/55/images/pc-sidebar.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3\012- data
Size 163 kB (162651 bytes)
Hash 2f5daa5004b75049f0bec772965b7943
a1336e046340afce9445ced5e26dc006fd47f6e9
121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63
GET /lands/55/images/pc-sidebar.jpg HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 05 Oct 2021 10:09:32 GMT
etag: "615c245c-27b5b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/images/mobile-after-video.png
149.7.16.209 200 OK 160 kB URL HTTP/2 news-fiwosu.cc/lands/55/images/mobile-after-video.png
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced\012- data
Size 160 kB (159828 bytes)
Hash d443d6dbbc102de6552453c20708a93b
591fa73cc4a0406124ca56dce015db983f540a12
60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93
GET /lands/55/images/mobile-after-video.png HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 05 Oct 2021 10:53:03 GMT
etag: "615c2e8f-27054"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/images/pc-after-video.jpg
149.7.16.209 200 OK 221 kB URL HTTP/2 news-fiwosu.cc/lands/55/images/pc-after-video.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3\012- data
Size 221 kB (220788 bytes)
Hash bde3fee065c7408f2ba31b7633552644
75d8d5e0f57af3ac24337d0c496fcc549566c4fc
1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21
GET /lands/55/images/pc-after-video.jpg HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 05 Oct 2021 10:42:11 GMT
etag: "615c2c03-35e74"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/images/video.gif
149.7.16.209 200 OK 1.3 MB URL HTTP/2 news-fiwosu.cc/lands/55/images/video.gif
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 300 x 225\012- data
Size 1.3 MB (1261197 bytes)
Hash 219f73ae12fc4696639ce99694cb6463
4265f8a22afe580964444a549afab5a07edde5c6
19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c
GET /lands/55/images/video.gif HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/gif
content-length: 1261197
last-modified: Mon, 18 Oct 2021 07:41:16 GMT
etag: "616d251c-133e8d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/revopush.js?v=4
149.7.16.209 200 OK 8.9 kB URL HTTP/2 1.news-fiwosu.cc/revopush.js?v=4
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (8922), with no line terminators
Hash 51014cabdb246e54c6fe1c7864225e81
04390aa362cc51c8f3aa848e5f1a11b3f9ba2751
32da65acc9ea9ff95f364751b4855731358710ebeb6b25d863a1c5d02dc73bd1
Analyzer Verdict Alert fortinet Phishing
GET /revopush.js?v=4 HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: application/javascript
content-length: 8922
last-modified: Mon, 29 Aug 2022 09:05:32 GMT
etag: "630c815c-22da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/css/style.css
149.7.16.209 200 OK 5.8 kB URL HTTP/2 1.news-fiwosu.cc/lands/55/css/style.css
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
Hash b6a33a3121e10f9ea6be914c5314e820
7629ff4c2cd0fe40891d175af1832c39b35546cb
75bd2521f24049f7d3011558d138c207fdd70ba86b4d0339110084e766e7e8ff
GET /lands/55/css/style.css HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: text/css
content-length: 5780
last-modified: Tue, 05 Oct 2021 11:04:06 GMT
etag: "615c3126-1694"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/images/pc-header.jpg
149.7.16.209 200 OK 78 kB URL HTTP/2 1.news-fiwosu.cc/lands/55/images/pc-header.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3\012- data
Hash 7b5471d796895489e8526d789b9d40f6
0239e9afbff1cf03adb273fd5b24e68f17f52659
f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac
GET /lands/55/images/pc-header.jpg HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 05 Oct 2021 10:31:11 GMT
etag: "615c296f-1310a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/images/mobile-header.jpg
149.7.16.209 200 OK 16 kB URL HTTP/2 1.news-fiwosu.cc/lands/55/images/mobile-header.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3\012- data
Hash cd2599ebcf088e38b0136da54be6056b
831aa894f796523bb13da5295773fad0adf08a43
bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a
GET /lands/55/images/mobile-header.jpg HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/jpeg
content-length: 15684
last-modified: Tue, 05 Oct 2021 10:12:32 GMT
etag: "615c2510-3d44"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/images/spinning-circles2.svg
149.7.16.209 200 OK 503 B URL HTTP/2 1.news-fiwosu.cc/lands/55/images/spinning-circles2.svg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
Analyzer Verdict Alert fortinet Phishing
GET /lands/55/images/spinning-circles2.svg HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Fri, 20 Aug 2021 11:10:37 GMT
etag: "611f8dad-1f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/images/pc-after-video.jpg
149.7.16.209 200 OK 221 kB URL HTTP/2 1.news-fiwosu.cc/lands/55/images/pc-after-video.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3\012- data
Size 221 kB (220788 bytes)
Hash bde3fee065c7408f2ba31b7633552644
75d8d5e0f57af3ac24337d0c496fcc549566c4fc
1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21
GET /lands/55/images/pc-after-video.jpg HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/jpeg
content-length: 220788
last-modified: Tue, 05 Oct 2021 10:42:11 GMT
etag: "615c2c03-35e74"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/images/mobile-after-video.png
149.7.16.209 200 OK 160 kB URL HTTP/2 1.news-fiwosu.cc/lands/55/images/mobile-after-video.png
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced\012- data
Size 160 kB (159828 bytes)
Hash d443d6dbbc102de6552453c20708a93b
591fa73cc4a0406124ca56dce015db983f540a12
60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93
GET /lands/55/images/mobile-after-video.png HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 05 Oct 2021 10:53:03 GMT
etag: "615c2e8f-27054"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/js/device.js
149.7.16.209 200 OK 7.4 kB URL HTTP/2 1.news-fiwosu.cc/lands/55/js/device.js
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document, ASCII text
Hash 46ce7a0522431a9a972b55b01bf0c1f1
263694d7c99de62fb4e9f4e9215ec9df92f16dc2
8b4fd7bcadd8d9e95b7aebae2f7b233dab0453cc931ba13add8a313dc3c61033
Analyzer Verdict Alert fortinet Phishing
GET /lands/55/js/device.js HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: application/javascript
content-length: 7364
last-modified: Fri, 15 Jan 2016 03:04:12 GMT
etag: "569861ac-1cc4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/images/pc-sidebar.jpg
149.7.16.209 200 OK 163 kB URL HTTP/2 1.news-fiwosu.cc/lands/55/images/pc-sidebar.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3\012- data
Size 163 kB (162651 bytes)
Hash 2f5daa5004b75049f0bec772965b7943
a1336e046340afce9445ced5e26dc006fd47f6e9
121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63
GET /lands/55/images/pc-sidebar.jpg HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 05 Oct 2021 10:09:32 GMT
etag: "615c245c-27b5b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/images/video.gif
149.7.16.209 200 OK 1.3 MB URL HTTP/2 1.news-fiwosu.cc/lands/55/images/video.gif
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 300 x 225\012- data
Size 1.3 MB (1261197 bytes)
Hash 219f73ae12fc4696639ce99694cb6463
4265f8a22afe580964444a549afab5a07edde5c6
19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c
GET /lands/55/images/video.gif HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: image/gif
content-length: 1261197
last-modified: Mon, 18 Oct 2021 07:41:16 GMT
etag: "616d251c-133e8d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/sw.js
149.7.16.209 200 OK 4.0 kB IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (3964), with no line terminators
Hash 7c60cc903a18857a61023bde734a757b
d53632ffe44847e798eeb6fcaacc3b3584e4a23d
dff87b88fb2ffccdadc8d3c04ffe475d848247456fa7c5b95328ccc14e7a48ea
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: application/javascript
content-length: 3964
last-modified: Tue, 30 Aug 2022 09:40:34 GMT
etag: "630ddb12-f7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/8/v_F.ico
149.7.16.209 200 OK 1.2 kB URL HTTP/2 1.news-fiwosu.cc/lands/8/v_F.ico
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 183cab2f5d4582ef71ae37efc8d458dd
7c230eba9c1ce7900ea9bbf53dde00ea068dc995
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e
Analyzer Verdict Alert fortinet Phishing
GET /lands/8/v_F.ico HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 20 Sep 2019 08:21:00 GMT
etag: "5d848bec-47e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-fiwosu.cc/revopush.js?v=4
149.7.16.209 200 OK 8.9 kB URL HTTP/2 2.news-fiwosu.cc/revopush.js?v=4
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (8922), with no line terminators
Hash 51014cabdb246e54c6fe1c7864225e81
04390aa362cc51c8f3aa848e5f1a11b3f9ba2751
32da65acc9ea9ff95f364751b4855731358710ebeb6b25d863a1c5d02dc73bd1
GET /revopush.js?v=4 HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: application/javascript
content-length: 8922
last-modified: Mon, 29 Aug 2022 09:05:32 GMT
etag: "630c815c-22da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-fiwosu.cc/lands/55/css/style.css
149.7.16.209 200 OK 5.8 kB URL HTTP/2 2.news-fiwosu.cc/lands/55/css/style.css
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
Hash b6a33a3121e10f9ea6be914c5314e820
7629ff4c2cd0fe40891d175af1832c39b35546cb
75bd2521f24049f7d3011558d138c207fdd70ba86b4d0339110084e766e7e8ff
GET /lands/55/css/style.css HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: text/css
content-length: 5780
last-modified: Tue, 05 Oct 2021 11:04:06 GMT
etag: "615c3126-1694"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-fiwosu.cc/lands/55/images/pc-header.jpg
149.7.16.209 200 OK 78 kB URL HTTP/2 2.news-fiwosu.cc/lands/55/images/pc-header.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3\012- data
Hash 7b5471d796895489e8526d789b9d40f6
0239e9afbff1cf03adb273fd5b24e68f17f52659
f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac
GET /lands/55/images/pc-header.jpg HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/jpeg
content-length: 78090
last-modified: Tue, 05 Oct 2021 10:31:11 GMT
etag: "615c296f-1310a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-fiwosu.cc/traffback.php?site=8049633&sub1=&sub2=&sub3=&sub4=&land=55
149.7.16.209 200 OK 16 kB URL HTTP/2 news-fiwosu.cc/traffback.php?site=8049633&sub1=&sub2=&sub3=&sub4=&land=55
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
Hash 465d2e4789636075f4cba777d415b60b
565080e57077041e8cfca828f901d03559d7d9be
716f7b62180996c9e2d2184558e61d2217a02a287ee621050d7fa0b275c6e36c
GET /traffback.php?site=8049633&sub1=&sub2=&sub3=&sub4=&land=55 HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-fiwosu.cc/lands/55/images/spinning-circles2.svg
149.7.16.209 200 OK 503 B URL HTTP/2 2.news-fiwosu.cc/lands/55/images/spinning-circles2.svg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
GET /lands/55/images/spinning-circles2.svg HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Fri, 20 Aug 2021 11:10:37 GMT
etag: "611f8dad-1f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
149.7.16.209 200 OK 223 kB URL HTTP/2 1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
Size 223 kB (223282 bytes)
Hash 40d2baaa4e923bd7e586a1462249c8dd
e6e4be1a71bc28dbdfc2716099ed504a6b7bafcd
e0a8f6879480612f7544ed7f0fd6c84541da65a44136f79edbb87257ad52d40c
GET /lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4= HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-fiwosu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8; expires=Thu, 22-Sep-2022 22:36:31 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-fiwosu.cc/lands/55/images/mobile-after-video.png
149.7.16.209 200 OK 160 kB URL HTTP/2 2.news-fiwosu.cc/lands/55/images/mobile-after-video.png
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced\012- data
Size 160 kB (159828 bytes)
Hash d443d6dbbc102de6552453c20708a93b
591fa73cc4a0406124ca56dce015db983f540a12
60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93
GET /lands/55/images/mobile-after-video.png HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/png
content-length: 159828
last-modified: Tue, 05 Oct 2021 10:53:03 GMT
etag: "615c2e8f-27054"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-fiwosu.cc/lands/55/images/pc-sidebar.jpg
149.7.16.209 200 OK 163 kB URL HTTP/2 2.news-fiwosu.cc/lands/55/images/pc-sidebar.jpg
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3\012- data
Size 163 kB (162651 bytes)
Hash 2f5daa5004b75049f0bec772965b7943
a1336e046340afce9445ced5e26dc006fd47f6e9
121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63
GET /lands/55/images/pc-sidebar.jpg HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/jpeg
content-length: 162651
last-modified: Tue, 05 Oct 2021 10:09:32 GMT
etag: "615c245c-27b5b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-fiwosu.cc/lands/55/images/video.gif
149.7.16.209 200 OK 1.3 MB URL HTTP/2 2.news-fiwosu.cc/lands/55/images/video.gif
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 300 x 225\012- data
Size 1.3 MB (1261197 bytes)
Hash 219f73ae12fc4696639ce99694cb6463
4265f8a22afe580964444a549afab5a07edde5c6
19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c
GET /lands/55/images/video.gif HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/gif
content-length: 1261197
last-modified: Mon, 18 Oct 2021 07:41:16 GMT
etag: "616d251c-133e8d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-fiwosu.cc/lands/55/js/device.js
149.7.16.209 200 OK 7.4 kB URL HTTP/2 2.news-fiwosu.cc/lands/55/js/device.js
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document, ASCII text
Hash 46ce7a0522431a9a972b55b01bf0c1f1
263694d7c99de62fb4e9f4e9215ec9df92f16dc2
8b4fd7bcadd8d9e95b7aebae2f7b233dab0453cc931ba13add8a313dc3c61033
GET /lands/55/js/device.js HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: application/javascript
content-length: 7364
last-modified: Fri, 15 Jan 2016 03:04:12 GMT
etag: "569861ac-1cc4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-fiwosu.cc/sw.js
149.7.16.209 200 OK 4.0 kB IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (3964), with no line terminators
Hash 7c60cc903a18857a61023bde734a757b
d53632ffe44847e798eeb6fcaacc3b3584e4a23d
dff87b88fb2ffccdadc8d3c04ffe475d848247456fa7c5b95328ccc14e7a48ea
GET /sw.js HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: application/javascript
content-length: 3964
last-modified: Tue, 30 Aug 2022 09:40:34 GMT
etag: "630ddb12-f7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2221
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 21:36:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2221
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 21:36:32 GMT
Connection: keep-alive
2.news-fiwosu.cc/lands/8/v_F.ico
149.7.16.209 200 OK 1.2 kB URL HTTP/2 2.news-fiwosu.cc/lands/8/v_F.ico
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 183cab2f5d4582ef71ae37efc8d458dd
7c230eba9c1ce7900ea9bbf53dde00ea068dc995
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e
GET /lands/8/v_F.ico HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 20 Sep 2019 08:21:00 GMT
etag: "5d848bec-47e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ct3XiDhNXQiFQacL7awcTyRLDFgs5ylgmViSaMvqeFSK3Eh8J279TQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:34:22 GMT
age: 130
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:06:44 GMT
age: 1788
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 41ceb886-c038-4ba0-9e3a-a27879cf48ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwjFVjoAMFWNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84d0-3f4f6a367c893c7a0669dffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d8Kelwi2OY0jt17q80szh8-ErN3ZQM1hhl3HZeNQvlKijygQIJtNww==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:00 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 84032
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: itH-GLLUay6dtfjGStUDeT3wOwVf-S3tWSY31HjriEFaRUiD8aFKNw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 17:06:02 GMT
age: 16230
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: 59e98571-f927-44b3-b088-29ec1e4cc3bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYxD-FnIIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202ee6-14e47d9a3ae47d0f607033a8;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:19:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 55e0txtcytlUpcNWSLrHWN3FC1t4dMHGTrHGhNV7YFIhOz6c45UcCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 15:04:27 GMT
age: 23525
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:03 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 84029
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 879369ce7a8ef4f531d339c32826dc6a
8e1c4ce43eb15d02a6446387e01252403e4b89b7
a39b6a2d96d9eaefdb0bb6792b26c5f93dfc29eef09d6f56d5ee543bdec1b5ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A39B6A2D96D9EAEFDB0BB6792B26C5F93DFC29EEF09D6F56D5EE543BDEC1B5CA"
Last-Modified: Wed, 21 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2119
Expires: Thu, 22 Sep 2022 22:11:51 GMT
Date: Thu, 22 Sep 2022 21:36:32 GMT
Connection: keep-alive
somenewforyou.cc/b81698fd2.js
185.177.94.152 200 OK 54 B URL HTTP/2 somenewforyou.cc/b81698fd2.js
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 30c1fd0f847f40d79960103f317ec07d
a0d13efcd4192c63adc1eabfb05717ad1cebd931
556ec061bb60ac3e9a1769e325fa43e4e6c1351216161560bdd37356956dbd1f
Analyzer Verdict Alert fortinet Malware
GET /b81698fd2.js HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 54
last-modified: Sat, 02 Jul 2022 04:59:02 GMT
etag: "62bfd096-36"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/logo.png
185.177.94.152 200 OK 7.2 kB URL HTTP/2 somenewforyou.cc/img/17/logo.png
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 298 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fa0c2649b56a64bf24ec059fd49b982
802c9d794cc845927439ce8a3077975199015ebb
a513d2e457125cd443461746199793cd61f2e4511a9acfcda504f70b5000c774
GET /img/17/logo.png HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/png
content-length: 7171
last-modified: Tue, 25 Feb 2020 07:15:00 GMT
etag: "5e54c974-1c03"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/burger.png
185.177.94.152 200 OK 295 B URL HTTP/2 somenewforyou.cc/img/17/burger.png
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Hash fdea660170d6a7330b24d167c2c3d1d6
c95db01c09abcd2c3b3375ea2baa1443d1473af0
415ba400194f72a1511c8cd22b4bfe13acfeebbf3e9ff958d1e39cbb738d07c8
GET /img/17/burger.png HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/png
content-length: 295
last-modified: Tue, 25 Feb 2020 07:15:00 GMT
etag: "5e54c974-127"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/search-icon.png
185.177.94.152 200 OK 516 B URL HTTP/2 somenewforyou.cc/img/17/search-icon.png
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Hash 34123928575ef4cf3df12db2fa095e99
8d5873549768bcbf278e04c6baf6404c2971b07b
0ff5216f552496405eca9c9449f77dd8a913bce909fa9ae8662cb85969f96272
GET /img/17/search-icon.png HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/png
content-length: 516
last-modified: Tue, 25 Feb 2020 07:15:00 GMT
etag: "5e54c974-204"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/btn-icon.png
185.177.94.152 200 OK 395 B URL HTTP/2 somenewforyou.cc/img/17/btn-icon.png
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 52 x 56, 8-bit gray+alpha, non-interlaced\012- data
Hash 06f18f63c3036edde4e88c1d5f200104
33c1e2780dc0a6f595afc2d87ed438ccb3d8922b
005e42b95bb1fef26b792467deeba4e0aeadc51bb9726d20dc301c1c80d99d2d
GET /img/17/btn-icon.png HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/png
content-length: 395
last-modified: Tue, 25 Feb 2020 07:15:00 GMT
etag: "5e54c974-18b"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/player-ui-l.png
185.177.94.152 200 OK 663 B URL HTTP/2 somenewforyou.cc/img/17/player-ui-l.png
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 144 x 100, 8-bit gray+alpha, non-interlaced\012- data
Hash 5159265d4e4ecc1bfa2e8b028fc0534d
443e7f825760d81906a5c1a4ca660e0385b435fe
46a01582282a1e9326a84e445ba3da470e059b5d091d326e45271b698d6d62a1
GET /img/17/player-ui-l.png HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/png
content-length: 663
last-modified: Tue, 25 Feb 2020 07:15:00 GMT
etag: "5e54c974-297"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/player-ui-r.png
185.177.94.152 200 OK 1.1 kB URL HTTP/2 somenewforyou.cc/img/17/player-ui-r.png
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 226 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 74174fa53d52a184fa0a586f988f0d94
6fc2f64667c7cfabd7ae7a2409d20de7a501d9a3
4e0fbe743a42b8a641daec0745e3a80e22ed9df424b7e0e0c852ba27b9b409d3
GET /img/17/player-ui-r.png HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/png
content-length: 1118
last-modified: Tue, 25 Feb 2020 07:15:00 GMT
etag: "5e54c974-45e"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/views.png
185.177.94.152 200 OK 461 B URL HTTP/2 somenewforyou.cc/img/17/views.png
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 32 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ad8de150ced2f4ab8828c02c23ab95c
b7620db8dc0ef0075c79de9c0f3409d292413b80
efb233df0a528dd04d7b9725ad679738f043478ced654fe0e9a9b59b205d447b
GET /img/17/views.png HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/png
content-length: 461
last-modified: Tue, 25 Feb 2020 07:15:00 GMT
etag: "5e54c974-1cd"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/stars.png
185.177.94.152 200 OK 589 B URL HTTP/2 somenewforyou.cc/img/17/stars.png
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 169 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 586e70ae8cf2f823dc7876917d90be92
33d61043ae53a9377ad37bfd5b84c73f770c4105
894bcd381abf4e10bbbe8802a7c52396d8b6b73cdf9d2837caf8f6a0d7aea707
GET /img/17/stars.png HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/png
content-length: 589
last-modified: Tue, 25 Feb 2020 07:16:00 GMT
etag: "5e54c9b0-24d"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/pics-1.jpg
185.177.94.152 200 OK 9.4 kB URL HTTP/2 somenewforyou.cc/img/17/pics-1.jpg
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data\012- data
Hash 0fdbe8ac7fda89d3ed4d0845d4f86384
b14ff199e53771631d302442b22ecdd1867c88e4
733eb3487f5a82cdb71eda01d36247bf57ad107ee3be967d6561fa7f2f78664e
GET /img/17/pics-1.jpg HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/jpeg
content-length: 9415
last-modified: Tue, 25 Feb 2020 07:16:00 GMT
etag: "5e54c9b0-24c7"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/pics-2.jpg
185.177.94.152 200 OK 6.0 kB URL HTTP/2 somenewforyou.cc/img/17/pics-2.jpg
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data\012- data
Hash 7ca024e2ee360dee3a5ed409d8694295
55ac5fb299e34092ec8323e8f32cba0f33fd4105
0e6b67b963746ceeb4785fe5041806aca4d98a6fce7a2585240d25e32b5fe999
GET /img/17/pics-2.jpg HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/jpeg
content-length: 5972
last-modified: Tue, 25 Feb 2020 07:16:00 GMT
etag: "5e54c9b0-1754"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/pics-3.jpg
185.177.94.152 200 OK 9.2 kB URL HTTP/2 somenewforyou.cc/img/17/pics-3.jpg
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data\012- data
Hash 5f69e27fa1a7f979ca9e375da09d24dc
22699243d1b2bb1da09e8db42cb4f7cdccb71820
d775a68996acfd4e425c30b5ecb82549361b9f18fadea8509c312b4f420d3634
GET /img/17/pics-3.jpg HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/jpeg
content-length: 9158
last-modified: Tue, 25 Feb 2020 07:16:00 GMT
etag: "5e54c9b0-23c6"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/img/17/pics-4.jpg
185.177.94.152 200 OK 9.7 kB URL HTTP/2 somenewforyou.cc/img/17/pics-4.jpg
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data\012- data
Hash bb74abbad9688a711d5c26b38a9836e3
8bec5939654c02d7b800c66547e1aa778c2d438c
3fb9e79f5a0a5fe0f0d466b9d715562c6abeed5b2b32dc4b9673b80494137dbe
GET /img/17/pics-4.jpg HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: image/jpeg
content-length: 9707
last-modified: Tue, 25 Feb 2020 07:16:00 GMT
etag: "5e54c9b0-25eb"
expires: Sat, 22 Oct 2022 21:36:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2
somenewforyou.cc/favicon.ico
185.177.94.152 204 No Content 0 B URL HTTP/2 somenewforyou.cc/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
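Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty body: the response was 204 No Content with 0 B, so these digests match any zero-byte response and do not identify this host.)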
GET /favicon.ico HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
0.somenewforyou.cc/b81698fd2.js
185.177.94.152 200 OK 54 B URL HTTP/2 0.somenewforyou.cc/b81698fd2.js
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 30c1fd0f847f40d79960103f317ec07d
a0d13efcd4192c63adc1eabfb05717ad1cebd931
556ec061bb60ac3e9a1769e325fa43e4e6c1351216161560bdd37356956dbd1f
Analyzer Verdict Alert fortinet Malware
GET /b81698fd2.js HTTP/1.1
Host: 0.somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0; uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 54
last-modified: Sat, 02 Jul 2022 04:59:02 GMT
etag: "62bfd096-36"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
0.somenewforyou.cc/favicon.ico
185.177.94.152 204 No Content 0 B URL HTTP/2 0.somenewforyou.cc/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
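Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty body: the response was 204 No Content with 0 B, so these digests match any zero-byte response and do not identify this host.)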
GET /favicon.ico HTTP/1.1
Host: 0.somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.somenewforyou.cc/index.php?p=ha3dozrrmy5dcmbwgq2q
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0; uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 22 Sep 2022 21:36:33 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
1.somenewforyou.cc/index.php?p=ha3dozrrmy5dcmbwgq2q
185.177.94.152 200 OK 33 kB URL HTTP/2 1.somenewforyou.cc/index.php?p=ha3dozrrmy5dcmbwgq2q
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7454)
Hash 9c03bcef1646b4c7e468e4ae0c4abdd9
6fb5f578d12c58f67090a47d7a788bb7aa78fa45
da4f391e4f4b1622f30a96ecefdde1c5021427831f7724ef96d136841d4258cc
Analyzer Verdict Alert fortinet Malware
GET /index.php?p=ha3dozrrmy5dcmbwgq2q HTTP/1.1
Host: 1.somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.somenewforyou.cc/
Cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:33 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0; expires=Sat, 22-Oct-2022 21:36:33 GMT; Max-Age=2592000; path=/; domain=1.somenewforyou.cc
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
browork3er.cc/sw/bro.js
51.15.16.150 200 OK 1.4 kB IP 51.15.16.150:0
Hash 57b44c6c58640afa1dbc8ea67a60dfd9
2a94bc42bbe9487e11514c56920713b98e287ea5
abf988b1596979ad8ef5719d82e2c159a2fb4023e174339344e972a74a554e5d
GET /sw/bro.js HTTP/1.1
Host: browork3er.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.somenewforyou.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:33 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Fri, 22 Sep 2023 21:36:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
1.news-fiwosu.cc/traffback.php?site=8049633&sub1=&sub2=&sub3=&sub4=&land=55
149.7.16.209 200 OK 585 B URL HTTP/2 1.news-fiwosu.cc/traffback.php?site=8049633&sub1=&sub2=&sub3=&sub4=&land=55
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
Hash 527f3c79e60fa1bd31bf672e1914fe10
8beedb8d61eb56f2156f111ca4dcb2412af9b307
271440110ca04ed51e5f8ba122b586877ed99194400204e7cc80b6c125b9275f
GET /traffback.php?site=8049633&sub1=&sub2=&sub3=&sub4=&land=55 HTTP/1.1
Host: 1.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
badrobotz.biz/w5e16f81f.js
185.177.93.164 200 OK 62 B URL HTTP/2 badrobotz.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: badrobotz.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=b9fb3eaa-bf95-4b75-9409-21ecd93b3fd0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7aa47fabaad4de196b20524cb1bcbaa
5fa667c2f0fefe76da0554de06ea69749ebc2468
60ace544c10655b6225949940c86fa292a6c9a3859bf91fb14b0c2d3f1c392db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60ACE544C10655B6225949940C86FA292A6C9A3859BF91FB14B0C2D3F1C392DB"
Last-Modified: Wed, 21 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9619
Expires: Fri, 23 Sep 2022 00:16:52 GMT
Date: Thu, 22 Sep 2022 21:36:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6fe7cd35042d037564ac0dcc1022d7c4
abcb65632e79bd00216b06b03c643b6ec05672d9
a2bf30ca51e546b1f8c59ef86f0f430e4af0e4075e5542340f883a6c6468d998
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2BF30CA51E546B1F8C59EF86F0F430E4AF0E4075E5542340F883A6C6468D998"
Last-Modified: Wed, 21 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Fri, 23 Sep 2022 03:36:06 GMT
Date: Thu, 22 Sep 2022 21:36:34 GMT
Connection: keep-alive
0.badrobotz.biz/w5e16f81f.js
185.177.93.164 200 OK 62 B URL HTTP/2 0.badrobotz.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: 0.badrobotz.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=b9fb3eaa-bf95-4b75-9409-21ecd93b3fd0; uuid=b9fb3eaa-bf95-4b75-9409-21ecd93b3fd0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48dea879b8b6bf06515663330654011c
50c4157dd26de31391959036d54cf9279f3d61fb
46f1b6f9cb7fa156ebc008f7f33b3f2cb94243d082c84def1952779b7d18f88a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46F1B6F9CB7FA156EBC008F7F33B3F2CB94243D082C84DEF1952779B7D18F88A"
Last-Modified: Thu, 22 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13709
Expires: Fri, 23 Sep 2022 01:25:03 GMT
Date: Thu, 22 Sep 2022 21:36:34 GMT
Connection: keep-alive
gobacktothefuture.biz/sw/w1s.js
62.210.11.203 200 OK 7.3 kB URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.11.203:0
Hash 823de896eae05114000629759118d209
ba6fa67e8a4d636e3f9578fac6858372e89b5c6d
d2ad3dd398d01cf6d884894e1e2eadb462b1db08207cd3b687432a2288edb928
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.badrobotz.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Fri, 22 Sep 2023 21:36:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
udipedia-info.ru/static/outofwindow3.desktop/css/grid.min.css
92.38.192.253 200 OK 6.6 kB URL HTTP/1.1 udipedia-info.ru/static/outofwindow3.desktop/css/grid.min.css
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (51776), with no line terminators
Hash f8fb1aa0f2245f5b541fa032c60e8992
af737c40895ebd50548947f4264ccb91e478822d
a085a0e83dc9608cff2522b8c3b65130f0d57a499b195efbd4ba23d5be1917df
GET /static/outofwindow3.desktop/css/grid.min.css HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&is_visitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:34 GMT
Content-Type: text/css
Last-Modified: Mon, 06 Jun 2022 09:56:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"629dcf67-ca40"
Content-Encoding: gzip
udipedia-info.ru/static/outofwindow3.desktop/js/app.425475d3.js
92.38.192.253 200 OK 7.3 kB URL HTTP/1.1 udipedia-info.ru/static/outofwindow3.desktop/js/app.425475d3.js
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with very long lines (52644)
Hash d80e670dbfd17d7d9c9fa4b63b321f85
3e88e24f1f457c2e5c8946c59cfc7c3fcfdaefd6
4a2e2430afac1ad6ebde80822b9f8e4209252f18df8a1eb19cdb1c02058d708f
GET /static/outofwindow3.desktop/js/app.425475d3.js HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&is_visitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:35 GMT
Content-Type: application/javascript
Last-Modified: Mon, 06 Jun 2022 09:56:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"629dcf67-ce07"
Content-Encoding: gzip
udipedia-info.ru/static/outofwindow3.desktop/css/style.min.css
92.38.192.253 200 OK 2.9 kB URL HTTP/1.1 udipedia-info.ru/static/outofwindow3.desktop/css/style.min.css
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (10290), with no line terminators
Hash 8d6843bfbf3555395db48ca523e8b687
4d2f4f2b8e1d155dfc0b4c094ce8d7cda0dc7f10
e664cb6a7d6b39f7d9a3cc95ae10455469feca425cdae22e08364c96bc4dbdcc
GET /static/outofwindow3.desktop/css/style.min.css HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&is_visitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:35 GMT
Content-Type: text/css
Last-Modified: Mon, 06 Jun 2022 09:56:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"629dcf67-2832"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b09c9fd71d1c15d328f797be33210bb1
87a63b3af3df7f6b003bade73384597adf579ae1
7f3edbafe190ff4ca250eefe2863e0cc10c2915c7d5341774e1b9da38ea41f3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F3EDBAFE190FF4CA250EEFE2863E0CC10C2915C7D5341774E1B9DA38EA41F3E"
Last-Modified: Thu, 22 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14889
Expires: Fri, 23 Sep 2022 01:44:44 GMT
Date: Thu, 22 Sep 2022 21:36:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:36:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
udipedia-info.ru/static/outofwindow3.desktop/js/chunk-vendors.7d013537.js
92.38.192.253 200 OK 91 kB URL HTTP/1.1 udipedia-info.ru/static/outofwindow3.desktop/js/chunk-vendors.7d013537.js
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with very long lines (35375)
Hash d77f78e3c22a748f33f8c44cf4e5ff1d
3b38b47f94248fe37380798af8953352457dbbc2
a6c771adf69a71f90d4283a976c6195c8afa9fb6636334595696e57eab181737
GET /static/outofwindow3.desktop/js/chunk-vendors.7d013537.js HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&is_visitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:34 GMT
Content-Type: application/javascript
Last-Modified: Mon, 06 Jun 2022 09:56:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"629dcf67-4180f"
Content-Encoding: gzip
majory-wowland.ru/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
92.38.192.253 200 OK 4.3 kB URL HTTP/1.1 majory-wowland.ru/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
Hash 97e66f807339cd3aa670bdddea0e7b85
942f14b8095c51b272f9e01065064ca3fe14442a
232ac528c5fbf0c198b0b168e4956acf6a88ecfad2d282bcecce453153e97cf7
GET /1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js HTTP/1.1
Host: majory-wowland.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:35 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 May 2022 11:12:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"628e0f2d-3775"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:36:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:36:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:36:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
142.250.74.10 200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
IP 142.250.74.10:0
Hash 9f9220a7021a532ad68b24f0638cb0db
59861d593bcc800b1366e9a174f3aec28200d69c
eca3aaedc230229c195906bc2f4f968fe7aaed9946c3f4b7a7997f893c35c8fe
GET /css?family=Roboto:300,400,500,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 21:36:35 GMT
date: Thu, 22 Sep 2022 21:36:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
142.250.74.163 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Hash 6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://udipedia-info.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:41 GMT
expires: Thu, 21 Sep 2023 19:34:41 GMT
cache-control: public, max-age=31536000
age: 93714
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:36:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b6cce8d6ae66f45a5ba15eb478a41aac
afcf4d637d8b7430708a3d19cc231a4931d4d54c
ff1c7f5d538e8c28062b044c7739e61f4fb9a5113ba68a52a217d49fdd9e14bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF1C7F5D538E8C28062B044C7739E61F4FB9A5113BA68A52A217D49FDD9E14BC"
Last-Modified: Wed, 21 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21333
Expires: Fri, 23 Sep 2022 03:32:08 GMT
Date: Thu, 22 Sep 2022 21:36:35 GMT
Connection: keep-alive
udipedia-info.ru/service-worker.js
92.38.192.253 200 OK 140 B URL HTTP/1.1 udipedia-info.ru/service-worker.js
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
Hash bca9b6b14f3b01fdc23af32a76166a31
0b7d54094a3a6f4eb2e9eb78c294666e401019f5
ecf7cd5cdd0934ee6a1ae2ecfc2bb0b165bc57d34851a8da4684609c1df50935
GET /service-worker.js HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"5ea141bd-9c"
Last-Modified: Thursday, 22-Sep-2022 21:36:35 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip
udipedia-info.ru/favicon.ico
92.38.192.253 204 No Content 0 B URL HTTP/1.1 udipedia-info.ru/favicon.ico
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&is_visitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:35 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 9589094c8665013503a2d3148ccc02af
0020769fc3d43ed1ed2516f14534436289f1435a
aa83d5edda04c2dfff679fe6e602ed9c28a716aa77dd707967a28df6d2bfd5f8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 21:36:35 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 26 Sep 2022 18:35:05 GMT
ETag: "0020769fc3d43ed1ed2516f14534436289f1435a"
Last-Modified: Thu, 22 Sep 2022 18:35:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2689
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ee2d4e4acf0b4d-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00a7b7993038fc4044a7dd835fb82130
8914bca07480c74ceedd0993eaaba43678f30242
7f146ae181284e1151dbad422070331db45d8bf9b5de75d419409a712605b026
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F146AE181284E1151DBAD422070331DB45D8BF9B5DE75D419409A712605B026"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8792
Expires: Fri, 23 Sep 2022 00:03:07 GMT
Date: Thu, 22 Sep 2022 21:36:35 GMT
Connection: keep-alive
pushprofit.net/n/service-worker.js
92.38.252.165 200 OK 9.4 kB URL HTTP/2 pushprofit.net/n/service-worker.js
IP 92.38.252.165:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (9436), with no line terminators
Hash 310e3de3d6f69466e50c25d7d28d020a
e2669b3cecf1572569c9aa68d5730b937d55c4db
878b30c354eefdd729b4ef9009fd59cd8642b9f0196a717ff38264e17b91dbbe
GET /n/service-worker.js HTTP/1.1
Host: pushprofit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.1
date: Thu, 22 Sep 2022 21:36:35 GMT
content-type: application/javascript
content-length: 9436
last-modified: Tue, 20 Sep 2022 11:12:34 GMT
etag: "6329a022-24dc"
accept-ranges: bytes
access-control-allow-origin: *
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.251.119 200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 3f01a6fe4be69809cd0b0d740ab50c40
8366aca59939c8a0cfe3bc4c7732e9f8cf031375
025a3b03a1e5af9f06a8fb2d3e113c5b73410e0e440cf34869c97b20ccb77829
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72206
date: Thu, 22 Sep 2022 21:36:35 GMT
access-control-allow-origin: *
etag: "63295b76-11a0e"
expires: Thu, 22 Sep 2022 22:36:35 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
prodmp.ru/pclicks.js
193.106.93.124 200 OK 0 B IP 193.106.93.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pclicks.js HTTP/1.1
Host: prodmp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:35 GMT
content-type: text/javascript
content-length: 0
set-cookie: rai=33464e37aaec008f944dcd750e241ac8; Path=/; Expires=Wed, 21-Dec-2022 21:36:35 GMT; Max-Age=7776000; Secure; HttpOnly; SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-credentials: true
X-Firefox-Spdy: h2
pgusgyzdfpj.ru/pixels/38a89e25.js
85.192.12.173 200 OK 64 kB URL HTTP/2 pgusgyzdfpj.ru/pixels/38a89e25.js
IP 85.192.12.173:0
ASN #12695 LLC Digital Network
Hash 6c84524eeadd8dac115b577c0709fe4b
12b253fd7c320f434d75bc9e4eb4cfeaf2d4e717
988b16d9bec6b6d1cc9b1028ade496e02bdbf9d8655109fa641fe68a98083e82
GET /pixels/38a89e25.js HTTP/1.1
Host: pgusgyzdfpj.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 22 Sep 2022 21:36:35 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-store
last-modified: Wed, 21 Sep 2022 11:20:40 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 22 Sep 2022 21:36:36 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Thu, 22 Sep 2022 22:36:36 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
185.177.94.152 200 OK 34 kB URL HTTP/2 somenewforyou.cc/go/ha3dozrrmy5dcmbwgq2q
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash feb11b01b503ebc70695a3e8f825fbcf
0d5d30ad2e57dfde68aa10f15524919ee04ad606
aec76746f00928cb361542ac942194685e551c905cd4bfff235e4664ccb8c37c
Analyzer Verdict Alert fortinet Malware
GET /go/ha3dozrrmy5dcmbwgq2q HTTP/1.1
Host: somenewforyou.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=949069c3-7016-4e5e-9e20-b05ccfdcaaa0; expires=Sat, 22-Oct-2022 21:36:32 GMT; Max-Age=2592000; path=/; domain=somenewforyou.cc
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
udipedia-info.ru/api/get-n-item?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=%5BSID%5D&utm_medium=2309&is_visitor=1&language=RU&blang=en-US&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2&hash=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&project=1
92.38.192.253 200 OK 4.3 kB URL HTTP/1.1 udipedia-info.ru/api/get-n-item?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=%5BSID%5D&utm_medium=2309&is_visitor=1&language=RU&blang=en-US&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2&hash=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&project=1
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7881)
Hash a3ca0481ec1849fead0f45aa5850595a
b69cbe77b8e25e17502bce114c73b784fe75118f
6a2ec8f2633415a21879a92c859189dc517a175b9fbeead1e315c937fc6f3361
GET /api/get-n-item?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=%5BSID%5D&utm_medium=2309&is_visitor=1&language=RU&blang=en-US&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2&hash=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&project=1 HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2
Cookie: _ym_uid=166388259582609430; _ym_d=1663882595; duid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
udipedia-info.ru/api/get-items?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=%5BSID%5D&utm_medium=2309&is_visitor=1&language=RU&blang=en-US&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2&hash=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&project=1&boost=1&count=10&r=0.8018772986399867&theme=outofwindow3&resolution_width=1280&resolution_height=1024&article=28b1502c-4f9e-4e5c-946a-de31a33c1ff4
92.38.192.253 200 OK 3.3 kB URL HTTP/1.1 udipedia-info.ru/api/get-items?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=%5BSID%5D&utm_medium=2309&is_visitor=1&language=RU&blang=en-US&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2&hash=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&project=1&boost=1&count=10&r=0.8018772986399867&theme=outofwindow3&resolution_width=1280&resolution_height=1024&article=28b1502c-4f9e-4e5c-946a-de31a33c1ff4
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (9785)
Hash 72a4490f5a2fc7bdd49f67234156447e
d76d42d803ab0709a7487c7d47e47285152c884d
035d4bf61df2ed10a4caee7a8f414328c7845a3e32c75fa2221fb480a20ae700
GET /api/get-items?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=%5BSID%5D&utm_medium=2309&is_visitor=1&language=RU&blang=en-US&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2&hash=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&project=1&boost=1&count=10&r=0.8018772986399867&theme=outofwindow3&resolution_width=1280&resolution_height=1024&article=28b1502c-4f9e-4e5c-946a-de31a33c1ff4 HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2
Cookie: _ym_uid=166388259582609430; _ym_d=1663882595; duid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Set-Cookie: templates_show_id=1; Path=/; Expires=Sat, 22 Oct 2022 21:36:36 GMT; Secure; SameSite=None
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c4fdf4c09329019ba5699c2203a8fe27
038e0083e36718972c52138816e432e6b3e23cb9
4acb1793912ce99204ccfa41eb5b57670c81a368329d133e0dd6fd8fe936cd12
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4ACB1793912CE99204CCFA41EB5B57670C81A368329D133E0DD6FD8FE936CD12"
Last-Modified: Tue, 20 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3074
Expires: Thu, 22 Sep 2022 22:27:50 GMT
Date: Thu, 22 Sep 2022 21:36:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 90c737bb0f4188147460e176c98ec132
789201c8f681299c5d0831bdc1c2bb0da574229b
4b339ed8f2ca648f3903f4e17e1332150c1ebd1128aff1cd42cfddb958b9dc96
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B339ED8F2CA648F3903F4E17E1332150C1EBD1128AFF1CD42CFDDB958B9DC96"
Last-Modified: Thu, 22 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10271
Expires: Fri, 23 Sep 2022 00:27:47 GMT
Date: Thu, 22 Sep 2022 21:36:36 GMT
Connection: keep-alive
track-mixer.ru/image.gif?sid9=preview&utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&client_id=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2&category=0&resolution_width=1280&resolution_height=1024&connection_speed=&is_visitor=1
85.192.12.187 200 OK 43 B URL HTTP/1.1 track-mixer.ru/image.gif?sid9=preview&utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&client_id=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2&category=0&resolution_width=1280&resolution_height=1024&connection_speed=&is_visitor=1
IP 85.192.12.187:0
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /image.gif?sid9=preview&utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&client_id=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2&category=0&resolution_width=1280&resolution_height=1024&connection_speed=&is_visitor=1 HTTP/1.1
Host: track-mixer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://udipedia-info.ru
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 22 Sep 2022 21:36:36 GMT
Pragma: no-cache
Set-Cookie: cd=eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiMCIsImRjIjoxLCJiIjoiRmlyZWZveCIsImJ2IjoiOTYifSwibCI6eyJyIjoiIiwibiI6MjAwNDd9fQ==; Path=/; Expires=Sat, 22 Oct 2022 21:36:36 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoibmV3cy1jZWQ0NGE4Mi0xZTczLTRlNmYtYmI5Yy0yYjM4NWVlNzY0YzIiLCJkX29mZnNldCI6LTF9; Path=/; Expires=Sat, 22 Oct 2022 21:36:36 GMT; Secure; SameSite=None
article=28b1502c-4f9e-4e5c-946a-de31a33c1ff4; Path=/; Expires=Sat, 22 Oct 2022 21:36:36 GMT; Secure; SameSite=None
dmpprof.com/matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&title=%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&dmp_print_id=9e4947f35751465411fd1a4f5c358c78
85.192.12.174200 OK 161 B URL HTTP/2 dmpprof.com/matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&title=%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&dmp_print_id=9e4947f35751465411fd1a4f5c358c78
IP 85.192.12.174:0
ASN #12695 LLC Digital Network
File type JSON data\012- , ASCII text, with no line terminators
Hash c19374814717d5aace3e6973ccdab272
ee9d0477aaf6e3d17d50eab57d5d579e482081bf
ca63c4a0b70328f9115485fb80c5df7759e617abec7e8105e69d6019f7d72a3f
GET /matching/internal?event=view&aid=0&ssp_id=8&href=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&title=%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&dmp_print_id=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://udipedia-info.ru/
Origin: https://udipedia-info.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 22 Sep 2022 21:36:36 GMT
content-type: application/json
content-length: 161
access-control-allow-origin: https://udipedia-info.ru
set-cookie: uid=temp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78; expires=Thu, 22 Sep 2022 23:36:36 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
udipedia-info.ru/images/news/rectangular/fb5eb247cfe3495feca406031aa8005c.png
92.38.192.253 200 OK 256 kB URL HTTP/1.1 udipedia-info.ru/images/news/rectangular/fb5eb247cfe3495feca406031aa8005c.png
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type PNG image data, 492 x 328, 8-bit/color RGBA, non-interlaced\012- data
Size 256 kB (256059 bytes)
Hash 688964c7d60391395d299df53aa59301
6f13cd60e69376f2be63b85bc72b9374dc35b51a
7a809bbc546dbbb2281d2d44f3caa89cc5bb39efc032a4bad191b7eef62b154c
GET /images/news/rectangular/fb5eb247cfe3495feca406031aa8005c.png HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2
Cookie: _ym_uid=166388259582609430; _ym_d=1663882595; duid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: image/png
Content-Length: 256059
Last-Modified: Mon, 11 Jul 2022 07:23:33 GMT
Connection: keep-alive
ETag: "62cbcff5-3e83b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
udipedia-info.ru/images/titems/rectangular/303b88b39fdc4a1a8a240f46a40d3a8e.jpg
92.38.192.253 200 OK 32 kB URL HTTP/1.1 udipedia-info.ru/images/titems/rectangular/303b88b39fdc4a1a8a240f46a40d3a8e.jpg
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Hash b5caf78e83b265f2cc1291ce033fcf8c
7a19d6c2ee676e353ecf5134ad6692104734a38c
23af3cab2aa895b0a895b78d35674e5c9ee1e60d2e87b8a72174271c8a58ac4f
GET /images/titems/rectangular/303b88b39fdc4a1a8a240f46a40d3a8e.jpg HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2
Cookie: _ym_uid=166388259582609430; _ym_d=1663882595; duid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2; _ym_isad=2; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: image/jpeg
Content-Length: 32415
Last-Modified: Mon, 17 May 2021 09:39:45 GMT
Connection: keep-alive
ETag: "60a239e1-7e9f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
udipedia-info.ru/images/titems/rectangular/d9908fb499618793729bc0dac9d28462.jpg
92.38.192.253 200 OK 41 kB URL HTTP/1.1 udipedia-info.ru/images/titems/rectangular/d9908fb499618793729bc0dac9d28462.jpg
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Hash 304d463027e8d83d8c711c4d481c1ca2
d031f101d8cba7a8798188457487ae493587e7cc
f4b02d869aa511156f0d0f90a0271abe7f1a8db39b1d15830dc84a1aeacf4adf
GET /images/titems/rectangular/d9908fb499618793729bc0dac9d28462.jpg HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2
Cookie: _ym_uid=166388259582609430; _ym_d=1663882595; duid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2; _ym_isad=2; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: image/jpeg
Content-Length: 40884
Last-Modified: Fri, 07 May 2021 09:41:12 GMT
Connection: keep-alive
ETag: "60950b38-9fb4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
prodmp.ru/pclicks/demography?domain=udipedia-info.ru
193.106.93.124 200 OK 3 B URL HTTP/2 prodmp.ru/pclicks/demography?domain=udipedia-info.ru
IP 193.106.93.124:0
File type JSON data\012- , ASCII text
Hash 58e0494c51d30eb3494f7c9198986bb9
cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
GET /pclicks/demography?domain=udipedia-info.ru HTTP/1.1
Host: prodmp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://udipedia-info.ru/
Origin: https://udipedia-info.ru
Connection: keep-alive
Cookie: rai=33464e37aaec008f944dcd750e241ac8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:36 GMT
content-type: application/json
content-length: 3
access-control-allow-credentials: true
access-control-allow-origin: https://udipedia-info.ru
X-Firefox-Spdy: h2
dmpprof.com/enr?href=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26language%3Dru%26uid%3Dtemp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78%26sid9%3Dpreview&title=%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-
85.192.12.174200 OK 2 B URL HTTP/2 dmpprof.com/enr?href=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26language%3Dru%26uid%3Dtemp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78%26sid9%3Dpreview&title=%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-
IP 85.192.12.174:0
ASN #12695 LLC Digital Network
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /enr?href=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26language%3Dru%26uid%3Dtemp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78%26sid9%3Dpreview&title=%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20- HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://udipedia-info.ru/
Content-Type: text/plain;charset=UTF-8
Origin: https://udipedia-info.ru
Content-Length: 10
Connection: keep-alive
Cookie: uid=temp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 22 Sep 2022 21:36:36 GMT
content-type: text/plain; charset=utf-8
content-length: 2
set-cookie: enrich_data_v2_5=1663882596; expires=Thu, 06 Oct 2022 21:36:36 GMT; path=/; secure; SameSite=None
access-control-allow-origin: https://udipedia-info.ru
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
X-Firefox-Spdy: h2
udipedia-info.ru/images/titems/rectangular/da933be73eda8973257aaab32852dd07.png
92.38.192.253 200 OK 215 kB URL HTTP/1.1 udipedia-info.ru/images/titems/rectangular/da933be73eda8973257aaab32852dd07.png
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type PNG image data, 492 x 328, 8-bit/color RGBA, non-interlaced\012- data
Size 215 kB (214800 bytes)
Hash a79ef9120d4b610d3863826de80d0567
170812d391edeb7d9802a58aa90496907413ce84
a4f462ca37d0fd0e8e5249d4303827f13799ce02de4449e440b1edcbeb3966c6
GET /images/titems/rectangular/da933be73eda8973257aaab32852dd07.png HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2
Cookie: _ym_uid=166388259582609430; _ym_d=1663882595; duid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2; _ym_isad=2; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: image/png
Content-Length: 214800
Last-Modified: Mon, 24 May 2021 10:43:27 GMT
Connection: keep-alive
ETag: "60ab834f-34710"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
udipedia-info.ru/images/titems/rectangular/2ff8e45194da26da56eaaa7b61d5b3db.jpg
92.38.192.253 200 OK 53 kB URL HTTP/1.1 udipedia-info.ru/images/titems/rectangular/2ff8e45194da26da56eaaa7b61d5b3db.jpg
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Hash 8b3afd19efb3a5c533104143dc4bfd2d
54047e59ac85fe49284b7a3ab112d9e38b2dd70e
8827e97c3acc5aa46e17afe33992ca6873a6a21c2ba4c9636df7b4ce9e99a2e6
GET /images/titems/rectangular/2ff8e45194da26da56eaaa7b61d5b3db.jpg HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2
Cookie: _ym_uid=166388259582609430; _ym_d=1663882595; duid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2; _ym_isad=2; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: image/jpeg
Content-Length: 53021
Last-Modified: Sun, 16 May 2021 15:16:35 GMT
Connection: keep-alive
ETag: "60a13753-cf1d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
udipedia-info.ru/images/titems/rectangular/3ac437aeadacdd42158835a008e9f5ff.jpg
92.38.192.253 200 OK 64 kB URL HTTP/1.1 udipedia-info.ru/images/titems/rectangular/3ac437aeadacdd42158835a008e9f5ff.jpg
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3\012- data
Hash 167456a0a70e6ba9ad8c2a4d97159c35
daab43afa39def914cfc353d5931bbf109314980
628680c65e853e7fc4490c6729618581308ecec8ae9da2273ad04e12afa5376c
GET /images/titems/rectangular/3ac437aeadacdd42158835a008e9f5ff.jpg HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&sid9=preview&uid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2
Cookie: _ym_uid=166388259582609430; _ym_d=1663882595; duid=news-ced44a82-1e73-4e6f-bb9c-2b385ee764c2; _ym_isad=2; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: image/jpeg
Content-Length: 64249
Last-Modified: Thu, 08 Apr 2021 12:50:28 GMT
Connection: keep-alive
ETag: "606efc14-faf9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
dprof.site/matching/mapping?uid=temp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78
85.192.12.174 200 OK 17 B URL HTTP/2 dprof.site/matching/mapping?uid=temp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78
IP 85.192.12.174:0
ASN #12695 LLC Digital Network
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
GET /matching/mapping?uid=temp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: dprof.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://udipedia-info.ru/
Origin: https://udipedia-info.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 22 Sep 2022 21:36:36 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: https://udipedia-info.ru
set-cookie: uid=temp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78; expires=Thu, 22 Sep 2022 23:36:36 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf18043bfa3524c6c8d622e0b1624378
4714c3c9370e55321b8e5aae8a0d6e7ba0010448
9d193de121e097f852c86ff5f1c784c0a71f6b4447677582ffcbb904e848392e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D193DE121E097F852C86FF5F1C784C0A71F6B4447677582FFCBB904E848392E"
Last-Modified: Thu, 22 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3531
Expires: Thu, 22 Sep 2022 22:35:27 GMT
Date: Thu, 22 Sep 2022 21:36:36 GMT
Connection: keep-alive
mc.yandex.ru/watch/51842675/1?wmode=7&page-url=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&page-ref=https%3A%2F%2F0.badrobotz.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A466%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1278957049227%3Ahid%3A33758507%3Az%3A0%3Ai%3A20220922213635%3Aet%3A1663882595%3Ac%3A1%3Arn%3A878258004%3Arqn%3A1%3Au%3A166388259582609430%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A85%2C193%2C72%2C1%2C%2C0%2C%2C358%2C1%2C%2C%2C%2C726%3Ans%3A1663882593969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663882595%3At%3A%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
87.250.251.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/51842675/1?wmode=7&page-url=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&page-ref=https%3A%2F%2F0.badrobotz.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A466%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1278957049227%3Ahid%3A33758507%3Az%3A0%3Ai%3A20220922213635%3Aet%3A1663882595%3Ac%3A1%3Arn%3A878258004%3Arqn%3A1%3Au%3A166388259582609430%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A85%2C193%2C72%2C1%2C%2C0%2C%2C358%2C1%2C%2C%2C%2C726%3Ans%3A1663882593969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663882595%3At%3A%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash d5582fbecb1b263071ba33811bc434ee
096c50b15e023fccf240b6dbbc3fd6a783a91ecf
1bd884e9b3270365a70dd055955ba63ff3e4b1d984521b28c6fcdac9dc56fda3
GET /watch/51842675/1?wmode=7&page-url=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&page-ref=https%3A%2F%2F0.badrobotz.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A466%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1278957049227%3Ahid%3A33758507%3Az%3A0%3Ai%3A20220922213635%3Aet%3A1663882595%3Ac%3A1%3Arn%3A878258004%3Arqn%3A1%3Au%3A166388259582609430%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A85%2C193%2C72%2C1%2C%2C0%2C%2C358%2C1%2C%2C%2C%2C726%3Ans%3A1663882593969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663882595%3At%3A%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://udipedia-info.ru
Referer: https://udipedia-info.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Thu, 22 Sep 2022 21:36:36 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://udipedia-info.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 22-Sep-2022 21:36:36 GMT
last-modified: Thu, 22-Sep-2022 21:36:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ad7c4f0a81fee0bd021875dec50a0a0
609f06a7f137688646e495e273537b0b76adb5f9
097619c12232a82a2a62098c513feca7d117ce7f08f4357eb301cfd7c6883205
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "097619C12232A82A2A62098C513FECA7D117CE7F08F4357EB301CFD7C6883205"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2423
Expires: Thu, 22 Sep 2022 22:16:59 GMT
Date: Thu, 22 Sep 2022 21:36:36 GMT
Connection: keep-alive
udipedia-info.ru/api/set-view
92.38.192.253 200 OK 54 B URL HTTP/1.1 udipedia-info.ru/api/set-view
IP 92.38.192.253:0
ASN #12695 LLC Digital Network
File type JSON data\012- , ASCII text
Hash 572f696ba78407d29a312fc89bf12321
92ac66c82b6157802d5943b398088d5185576863
15e98256a783d6bd1d0c4145d6e54716cf24571aae2877f799f9516cc3dd834f
POST /api/set-view HTTP/1.1
Host: udipedia-info.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2890
Origin: https://udipedia-info.ru
Connection: keep-alive
Referer: https://udipedia-info.ru/preview/new?utm_campaign=41986&utm_content=28b1502c-4f9e-4e5c-946a-de31a33c1ff4&utm_source=[SID]&utm_medium=2309&language=ru&uid=temp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78&sid9=preview
Cookie: _ym_uid=166388259582609430; _ym_d=1663882595; duid=temp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78; _ym_isad=2; templates_show_id=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.4
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
dmg.digitaltarget.ru/2/?a=850
185.15.175.131 200 OK 26 B URL HTTP/1.1 dmg.digitaltarget.ru/2/?a=850
IP 185.15.175.131:0
File type JSON data\012- , ASCII text
Hash 82b19061f4d25d99ed290a050ea7d5d4
f367d4f73de102dfbd21283d54e88e82cba8f043
5d3c81d38fa32915be4a76abd4173e77b0cc342b91643f8ef994a2bbe26abad9
GET /2/?a=850 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://udipedia-info.ru/
Origin: https://udipedia-info.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 21:36:36 GMT
Content-Type: text/json
Content-Length: 26
Connection: keep-alive
Access-Control-Allow-Origin: https://udipedia-info.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Origin, Content-Type
dmpprof.com/enr?href=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26language%3Dru%26uid%3Dtemp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78%26sid9%3Dpreview&title=%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-
85.192.12.174200 OK 2 B URL HTTP/2 dmpprof.com/enr?href=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26language%3Dru%26uid%3Dtemp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78%26sid9%3Dpreview&title=%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-
IP 85.192.12.174:0
ASN #12695 LLC Digital Network
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /enr?href=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26language%3Dru%26uid%3Dtemp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78%26sid9%3Dpreview&title=%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20- HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://udipedia-info.ru/
Content-Type: text/plain;charset=UTF-8
Origin: https://udipedia-info.ru
Content-Length: 39
Connection: keep-alive
Cookie: uid=temp-91.90.42.154-9e4947f35751465411fd1a4f5c358c78; enrich_data_v2_5=1663882596
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 22 Sep 2022 21:36:36 GMT
content-type: text/plain; charset=utf-8
content-length: 2
set-cookie: enrich_data_v2_2=1663882596; expires=Thu, 06 Oct 2022 21:36:36 GMT; path=/; secure; SameSite=None
access-control-allow-origin: https://udipedia-info.ru
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e5m6NaDUH_3GPDkxbk6iKhffSJzyYMA97Illy7mtg9um3jcYBR6TXQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:11:23 GMT
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
age: 84316
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
2.news-fiwosu.cc/traffback.php?site=8049633&sub1=&sub2=&sub3=&sub4=&land=55
149.7.16.209 200 OK 0 B URL HTTP/2 2.news-fiwosu.cc/traffback.php?site=8049633&sub1=&sub2=&sub3=&sub4=&land=55
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
GET /traffback.php?site=8049633&sub1=&sub2=&sub3=&sub4=&land=55 HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.11.203 200 OK 0 B URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.11.203:0
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://badrobotz.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:33 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Fri, 22 Sep 2023 21:36:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
browork3er.cc/sw/bro.js
51.15.16.150 200 OK 0 B IP 51.15.16.150:0
GET /sw/bro.js HTTP/1.1
Host: browork3er.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.somenewforyou.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:33 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Fri, 22 Sep 2023 21:36:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
news-fiwosu.cc/tds.php?sid=8049633&p1=&fullscreen=1
149.7.16.209 302 Found 0 B URL HTTP/2 news-fiwosu.cc/tds.php?sid=8049633&p1=&fullscreen=1
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
GET /tds.php?sid=8049633&p1=&fullscreen=1 HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: text/html; charset=UTF-8
location: https://news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
cache-control: no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2
news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
149.7.16.209 200 OK 0 B URL HTTP/2 news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
GET /lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4= HTTP/1.1
Host: news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:31 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8; expires=Thu, 22-Sep-2022 22:36:31 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
browork3er.cc/sw/bro.js
51.15.16.150 200 OK 0 B IP 51.15.16.150:0
GET /sw/bro.js HTTP/1.1
Host: browork3er.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://somenewforyou.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:33 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Fri, 22 Sep 2023 21:36:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
mc.yandex.ru/watch/51842675?wmode=7&page-url=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&page-ref=https%3A%2F%2F0.badrobotz.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A466%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1278957049227%3Ahid%3A33758507%3Az%3A0%3Ai%3A20220922213635%3Aet%3A1663882595%3Ac%3A1%3Arn%3A878258004%3Arqn%3A1%3Au%3A166388259582609430%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A85%2C193%2C72%2C1%2C%2C0%2C%2C358%2C1%2C%2C%2C%2C726%3Ans%3A1663882593969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663882595%3At%3A%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/51842675?wmode=7&page-url=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&page-ref=https%3A%2F%2F0.badrobotz.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A466%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1278957049227%3Ahid%3A33758507%3Az%3A0%3Ai%3A20220922213635%3Aet%3A1663882595%3Ac%3A1%3Arn%3A878258004%3Arqn%3A1%3Au%3A166388259582609430%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A85%2C193%2C72%2C1%2C%2C0%2C%2C358%2C1%2C%2C%2C%2C726%3Ans%3A1663882593969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663882595%3At%3A%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
GET /watch/51842675?wmode=7&page-url=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&page-ref=https%3A%2F%2F0.badrobotz.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A466%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1278957049227%3Ahid%3A33758507%3Az%3A0%3Ai%3A20220922213635%3Aet%3A1663882595%3Ac%3A1%3Arn%3A878258004%3Arqn%3A1%3Au%3A166388259582609430%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A85%2C193%2C72%2C1%2C%2C0%2C%2C358%2C1%2C%2C%2C%2C726%3Ans%3A1663882593969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663882595%3At%3A%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://udipedia-info.ru
Connection: keep-alive
Referer: https://udipedia-info.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/51842675/1?wmode=7&page-url=https%3A%2F%2Fudipedia-info.ru%2Fpreview%2Fnew%3Futm_campaign%3D41986%26utm_content%3D28b1502c-4f9e-4e5c-946a-de31a33c1ff4%26utm_source%3D%5BSID%5D%26utm_medium%3D2309%26is_visitor%3D1&page-ref=https%3A%2F%2F0.badrobotz.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A466%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1278957049227%3Ahid%3A33758507%3Az%3A0%3Ai%3A20220922213635%3Aet%3A1663882595%3Ac%3A1%3Arn%3A878258004%3Arqn%3A1%3Au%3A166388259582609430%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A85%2C193%2C72%2C1%2C%2C0%2C%2C358%2C1%2C%2C%2C%2C726%3Ans%3A1663882593969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663882595%3At%3A%D0%9E%D1%87%D0%BD%D1%83%D0%BB%D0%B0%D1%81%D1%8C%20%D0%B2%20%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D0%B5%3A%20%D0%B3%D0%B8%D0%BC%D0%BD%D0%B0%D1%81%D1%82%D0%BA%D1%83%20%D0%B8%D0%B7%D0%BD%D0%B0%D1%81%D0%B8%D0%BB%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8%20100%20%D1%80%D0%B0%D0%B7%20-&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 22 Sep 2022 21:36:36 GMT
access-control-allow-origin: https://udipedia-info.ru
set-cookie: yandexuid=9617025731663882596; Expires=Fri, 22-Sep-2023 21:36:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9617025731663882596; Expires=Fri, 22-Sep-2023 21:36:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1947151201663882596; Path=/; SameSite=None; Secure
i=7UbciAhSK9qse7gn68oONf7hoiTbRtm6cEJCrioOLW8hk1phZ7825EsatXeAmVdtlTA/rIs7VBQHPOd+V30dOlNU5No=; Expires=Sun, 19-Sep-2032 21:36:35 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695418596.yrts.1663882596#1695418596.yrtsi.1663882596; Expires=Fri, 22-Sep-2023 21:36:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 22-Sep-2022 21:36:36 GMT
last-modified: Thu, 22-Sep-2022 21:36:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
149.7.16.209 200 OK 0 B URL HTTP/2 2.news-fiwosu.cc/lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4=
IP 149.7.16.209:0
ASN #63023 AS-GLOBALTELEHOST
GET /lands/55/?site=8049633&sub1=&sub2=&sub3=&sub4= HTTP/1.1
Host: 2.news-fiwosu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-fiwosu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:36:32 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA0OTYzM3w6fDU1fDp8fDp8fDp8fDp8; expires=Thu, 22-Sep-2022 22:36:32 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2