dusunfloraer.com/4/4520243/
139.45.197.238 200 OK 681 B URL HTTP/1.1 dusunfloraer.com/4/4520243/
IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4c18553ed224ac12bd1c16a27b1feb0
218e6f05d1f4063d75a2d15384d2b0985f825470
dbd35131393cf2a5df4df88914109badc4759512efd295a9e15b952f979e0bde
Analyzer Verdict Alert quad9 Sinkholed
GET /4/4520243/ HTTP/1.1
Host: dusunfloraer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:26:56 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: a1829fb22aacd6e41be419dc6ef94c74
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://top-bo-2023.ru>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=8c99d123ca9b405490e9df9532ecc723; expires=Wed, 27 Mar 2024 07:26:56 GMT; path=/
oaidts=1679988416; expires=Wed, 27 Mar 2024 07:26:56 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Tue, 28 Mar 2023 09:11:23 GMT
Date: Tue, 28 Mar 2023 07:26:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6317
Expires: Tue, 28 Mar 2023 09:12:13 GMT
Date: Tue, 28 Mar 2023 07:26:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 06:28:00 GMT
content-type: application/json
age: 3536
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13321
Expires: Tue, 28 Mar 2023 11:08:57 GMT
Date: Tue, 28 Mar 2023 07:26:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZcvOvzmGbuZD3j2ts7KToWT2oETZNf7e0enzbg++jfoI3gbQBAgWRqrCSp9lFnm0QcfRlMPmU+o=
x-amz-request-id: QS47FTD3HKEYBJZW
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 06:56:07 GMT
age: 1849
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 07:26:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 56d72c7381344b08be112103e1b5c782
a4c58387755def675fbee69c29e661582faf2ade
8608aa7074c50ed5356aeb60c8445e5c0bdc3de4f701b8f8f5520f516ddc4c42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8608AA7074C50ED5356AEB60C8445E5C0BDC3DE4F701B8F8F5520F516DDC4C42"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6328
Expires: Tue, 28 Mar 2023 09:12:24 GMT
Date: Tue, 28 Mar 2023 07:26:56 GMT
Connection: keep-alive
dusunfloraer.com/favicon.ico
139.45.197.238 204 No Content 0 B URL HTTP/1.1 dusunfloraer.com/favicon.ico
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: dusunfloraer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=8c99d123ca9b405490e9df9532ecc723; oaidts=1679988416
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 28 Mar 2023 07:26:56 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
my.rtmark.net/img.gif?f=merge&userId=8c99d123ca9b405490e9df9532ecc723
139.45.195.8 200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=8c99d123ca9b405490e9df9532ecc723
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=8c99d123ca9b405490e9df9532ecc723 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 07:26:56 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8c99d123ca9b405490e9df9532ecc723; expires=Wed, 27 Mar 2024 07:26:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e72c62b5e22168e9b9aca4b59a88d5c6
83dc7279696694b159242312aeeacf0cb3426222
1bf6ecfc48864840b02ec85ed03e4ee2079185b90a13296f6db3b81bd3f975df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BF6ECFC48864840B02EC85ED03E4EE2079185B90A13296F6DB3B81BD3F975DF"
Last-Modified: Mon, 27 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10475
Expires: Tue, 28 Mar 2023 10:21:31 GMT
Date: Tue, 28 Mar 2023 07:26:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 07:14:35 GMT
age: 742
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
top-bo-2023.ru/6lendings/propellerads/campaign-ads/?place_id=4520243&campaign_id=6784519&adv_id=17270670&?clickid=664482174938129356&rdk=rk1
109.107.35.198 302 Found 605 B URL HTTP/2 top-bo-2023.ru/6lendings/propellerads/campaign-ads/?place_id=4520243&campaign_id=6784519&adv_id=17270670&?clickid=664482174938129356&rdk=rk1
IP 109.107.35.198:0
ASN #51059 Brightbox Systems Ltd
File type gzip compressed data, from Unix\012- data
Hash 36897036955fc8fc54238b44aaf88a5b
005733f991666b19adb7245ff7fe3f76e1c8ba66
beedd6b3adc35e6dca6c5d9e5911290633775b7ce88dea09e52939d8b0d0355f
GET /6lendings/propellerads/campaign-ads/?place_id=4520243&campaign_id=6784519&adv_id=17270670&?clickid=664482174938129356&rdk=rk1 HTTP/1.1
Host: top-bo-2023.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.10.3
date: Tue, 28 Mar 2023 07:26:56 GMT
content-type: text/html; charset=UTF-8
set-cookie: cpa_was_here_bin_gd=1; expires=Fri, 28-Apr-2023 07:26:56 GMT; Max-Age=2678400; path=/; domain=top-bo-2023.ru
cpa_parents=%7B%22bin.gd%22%3A%2220230328072656x90919%22%7D; expires=Fri, 28-Apr-2023 07:26:56 GMT; Max-Age=2678400; path=/; domain=top-bo-2023.ru
location: http://bin.gd/lp/effective-investments/?partner_id=p22359p140107paa88&subid=20230328072656x90919
X-Firefox-Spdy: h2
bin.gd/api/v1/domains
104.21.28.68 200 OK 2.1 kB IP 104.21.28.68:0
File type JSON data\012- , ASCII text, with very long lines (5307), with no line terminators
Hash 3acf9235993d2096099bfd257b9fd53a
5e0157ae2d1e8cb670ac4e921b4daaf44d056106
22fff93bfbdf4cb2716d743593a27712ed4ee918cb5b16b65d2c3227d37f52dd
GET /api/v1/domains HTTP/1.1
Host: bin.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bin.gd/lp/effective-investments/?partner_id=p22359p140107paa88&subid=20230328072656x90919
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 07:26:57 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: no-cache, private
access-control-allow-origin: *
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwnBdicc5673YMn9%2BKGN2lMG6Xy6etj3Q9uMKojVp7fHhoITTGbP5lkl5CuLkJ3IIu4icTltkYNPy18WDJQYNHgM1QyGKvDKBCGvEebw%2Fvcu9co3Kl1236A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aee25d6e9ecb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
bin.gd/lp/effective-investments/favicon.png
104.21.28.68 200 OK 598 B URL HTTP/1.1 bin.gd/lp/effective-investments/favicon.png
IP 104.21.28.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3a1fe3d265741781438ee0909bb95adc
48833ef3a0176ed036905a4ace87464a65123c5c
ce90035c1e0b69aef2cfe862b1a7ae6ffeb024ca687ce2ee11546ba87d5480ef
GET /lp/effective-investments/favicon.png HTTP/1.1
Host: bin.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bin.gd/lp/effective-investments/?partner_id=p22359p140107paa88&subid=20230328072656x90919
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 07:26:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:55:35 GMT
Via: 1.1 google
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5263
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FJ4wXcIIBFna6FUhzOFePvAwIQyX2vL74yYCrCvkrRfquufy6%2BFjDU6RuhutnBQ26gVsZNUQJXT0%2BPIWU%2BjSdDG2Umehbqg692bJeDLL0kRSV1ci4HupSM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aee25d75aa7b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76a0aba3ddb470751c690f5a725159f2
8cb789e8e0dfa336270700ef1e607173f2aee6cd
e76de476654125a06994065d66e30c6fb6c354d0f67fd4e31a3f78679e2bfdcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4423
Expires: Tue, 28 Mar 2023 08:40:40 GMT
Date: Tue, 28 Mar 2023 07:26:57 GMT
Connection: keep-alive
binarium.cool/api/v1/health-check
172.67.144.233 200 OK 16 B URL HTTP/2 binarium.cool/api/v1/health-check
IP 172.67.144.233:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /api/v1/health-check HTTP/1.1
Host: binarium.cool
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bin.gd/
Origin: http://bin.gd
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:57 GMT
content-type: application/json
content-length: 16
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKbuySXveoruKFd4cY%2Fkk29jM2r7CLw4CnAuehXhIAeWrBMGJOcymudfueNvqKJDZpcEIlemgeUuIfppYtJAeKiClCQpmpYOJCtbE4H8Fi77dCOQf5zTtjMBSp5Q%2BhOg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aee25d8adceb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.188.53.76 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.188.53.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: go5ubNw8+/g9KreuIrjgKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QTvDqzbwgBVqPHFfT7KTSny7bXc=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 07:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto&display=swap
142.250.74.74 200 OK 44 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto&display=swap
IP 142.250.74.74:0
Hash a7b5b87d07e925491e58b4e773cacb2c
bbd76dba2df22c45ce015428fb5f17338471a133
5a7793903448482468e446451783a146faa0e7a3f1204c31bf01873c86e2a6f9
GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Mar 2023 07:26:57 GMT
date: Tue, 28 Mar 2023 07:26:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.74 200 OK 811 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.74:0
Hash ae2481a4b21b473f7a899989495a3192
fb571bab9771ec55f4b26e4bd7c2fb732ce081e4
98ae0d45ba084df6b394a966252c6183ce01b9c4c62e8cd7df7e1355074f989b
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Mar 2023 07:26:57 GMT
date: Tue, 28 Mar 2023 07:26:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 3.7 kB IP 142.250.74.131:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash aaa249b0430b1c2be742db7316b21b52
28dc8862dd4b2b18f78a3f6af2674c83ba6b7e9e
5d30e252c0285d95919568ca05c80f33427d76b3da52925765ab4b7d85088460
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 07:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.142 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 28 Mar 2023 06:05:11 GMT
expires: Tue, 28 Mar 2023 08:05:11 GMT
cache-control: public, max-age=7200
age: 4906
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7e2d8156baac12231cc9cbfdefedacf1
62384d8842fb5b560ac39636bb519953e22dc664
ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 07:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 06513ee79ef79db75879e0c67827e94a
beb7a51af9a1759b73aac2a2f405ba082559991a
28ea80a07aeeed866a7369cbae2daf721aea34ec7e4cceed4700a2fc4768bc26
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 07:26:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 01 Apr 2023 04:41:41 GMT
ETag: "beb7a51af9a1759b73aac2a2f405ba082559991a"
Last-Modified: Tue, 28 Mar 2023 04:41:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1923
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aee25e02d81b4f1-OSL
api.isas.info/api/v1/users/self/geolocation
172.67.137.223 200 OK 709 B URL HTTP/2 api.isas.info/api/v1/users/self/geolocation
IP 172.67.137.223:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 48dd2ff0d6876070ce8254a320c116c5
c0a739274b51154d16528e91d7b746abdbed5a0f
1b707c15807193b51ec3eaaff358948f9c3f4107e63d73fb26bf97248917a4a4
GET /api/v1/users/self/geolocation HTTP/1.1
Host: api.isas.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://binarium.cool
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:58 GMT
content-type: application/json
x-powered-by: PHP/8.1.12
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: X-JWT, X-EXTRA-JWT, If-Modified-Since, Cache-Control, Content-Type, Accept-Language, Fingerprint, g-recaptcha-response
access-control-expose-headers: X-Pagination-Size
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eBCLeX5Q%2FkYOKCvcGkyXDeL3VxOLiul99d2j1r%2BWxQYgbbu0lLD%2B1xXHsNHp8%2BnT3n6wac6%2FI4YMmZjztv7OS1K5vvPf97xwCX0yi%2Blq55FJzYFDmLx%2BplZu9FykrNE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aee25ddeedb0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 272 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 1424x942, components 3\012- data
Size 272 kB (271703 bytes)
Hash 5f806f45d8e8731adf94279c50dd6a7f
f275a8fc7c4e38a989098e5699ca1cf0c5897eb6
1af0d2ec4e59f482d66e4e7e0812cda3f93f49741fedff22967a6d674fdb3a1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2880
Expires: Tue, 28 Mar 2023 08:14:58 GMT
Date: Tue, 28 Mar 2023 07:26:58 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2880
Expires: Tue, 28 Mar 2023 08:14:58 GMT
Date: Tue, 28 Mar 2023 07:26:58 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2880
Expires: Tue, 28 Mar 2023 08:14:58 GMT
Date: Tue, 28 Mar 2023 07:26:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178b294b-fb7e-4482-a48e-31bbcc320554.png
34.120.237.76 200 OK 32 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178b294b-fb7e-4482-a48e-31bbcc320554.png
IP 34.120.237.76:0
File type JPEG image data, baseline, precision 8, 97x97, components 3\012- data
Hash 014bce26c4b32baebfae3b7833c1c4a5
d073998dbeff4a41257d9775155802bf994518a6
4177794c327facc01947ab768de40c1bde6a72a25775d04dddc8460c797629d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178b294b-fb7e-4482-a48e-31bbcc320554.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 20349
x-amzn-requestid: 8e810007-5602-40d0-b103-da5421381d67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbpjHdcoAMFSuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220ca3-22f4671a5cd5fab36268ae3f;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:39 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -rX6JXPNzVJyz9ykqPUCTNBUK9NOK2CAwrrVNPsoVfCDIEeH3AS3bQ==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:55:30 GMT
age: 34288
etag: "d76b3958471b2ed70a2b52f078ec638748fdb441"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
34.120.237.76 200 OK 33 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
IP 34.120.237.76:0
Hash 2ce468397ef3a4ed9752e9691dbac3a1
329d5357b871392ced11885fae46d424f31f0e0b
76ce896ac20bf97457c63b2317fea2775f8f44ca8c72835b7581e8c80c27b835
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6542
x-amzn-requestid: 1106a670-cf68-4e3d-b5af-3013407acc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbsjGAaoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cb6-726c7ba02ddb31182834d82d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:58 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: hWI0gKHs2830OtWE9Or5YEsE4aQSNLzf85--OGAQEqPEN-6bgWBbFw==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:05:26 GMT
age: 33692
etag: "cfe8cd953330252e15594f403e2f38ec56acdfd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1da68df9d96e2758e37b9f15daab027b
5ff19ed6dc5752aa4b15fb88da972b736fd55783
ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdcsgGZsoAMFQkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: JDa9YUJ9xo5mo8tb7poZC8XJDp6USTidZjWEwTZCrioJxR7vur6uJw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:00:12 GMT
age: 34006
etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
Hash 7b4af96bd0f2f103462daa9e8ee3bbb6
a3854aad8853b0d40658fec5095900b4b0443b40
5ffc3dd918014d49bd3abf2d1bb4a37cae031a97a665eb990016d5f7af35e6a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: wlc65ytdELa_faMSddEDHZNsbtF1_CgMOho3W3BvkaOSrFyAkKUagg==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:43:57 GMT
age: 34981
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.isas.info/api/v1/currencies
172.67.137.223 200 OK 56 kB URL HTTP/2 api.isas.info/api/v1/currencies
IP 172.67.137.223:0
File type JSON data\012- , ASCII text, with very long lines (2321), with no line terminators
Hash f35f6a9722a931fe4cbe1ecfb1504207
ea73ec3fd022878bc7fd1fa63c786051c1232917
7b816f3c9c8d752868975007b0ee7a7c0d14650a85aa7f0ac702efa0e17b413e
GET /api/v1/currencies HTTP/1.1
Host: api.isas.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Origin: https://binarium.cool
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:58 GMT
content-type: application/json
x-powered-by: PHP/8.1.12
cache-control: max-age=60, public, s-maxage=60
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: X-JWT, X-EXTRA-JWT, If-Modified-Since, Cache-Control, Content-Type, Accept-Language, Fingerprint, g-recaptcha-response
access-control-expose-headers: X-Pagination-Size
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciA%2FNCMPL4M3MMn8Qg4hFnca4zHxb3yTmcgD2bxIQKdBHFE49tb5ooWa3vioAEUAi5644gKbZ3TzKgn9cPTPcONexPWkir6GHdDYv%2F31pnCASOj0136o%2Fvn6nu1etMeO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aee25decfca0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11e0f4bc8f80c5009c099d6a371950e0
60b1df4be988d5e60b7834e39a12e3524fe0a767
c3149c1d902c6889bdab0287f69771a247ab21c6a5ad50cba0f200db561445b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11674
x-amzn-requestid: b3fa7a9c-bf5c-44df-96ed-546f4da8f794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cb5i3GN7oAMF1LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64216fab-2f380b4972056b6c64703e55;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 10:27:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: GN5sLhd8yUOi_odvkY8SIx0DDtXfUQ1HxLRrdOqFHjcqjIuM1KXDyA==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 10:27:55 GMT
age: 75543
etag: "60b1df4be988d5e60b7834e39a12e3524fe0a767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 718fd0a69c546765a1e4fb756d2c6660
f179206be32ab202458745c8b5b009faf236ba72
971bd81d829ea0f8aa54ef71cce89a5b8e1f1e4a87cb94c206770b2a233ccf0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 07:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-98294941-1&cid=1503674469.1679988438&jid=2116688443&gjid=1612165907&_gid=2104062448.1679988438&_u=aEBAAEAAAAAAACAAI~&z=72554236
173.194.221.157 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-98294941-1&cid=1503674469.1679988438&jid=2116688443&gjid=1612165907&_gid=2104062448.1679988438&_u=aEBAAEAAAAAAACAAI~&z=72554236
IP 173.194.221.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-98294941-1&cid=1503674469.1679988438&jid=2116688443&gjid=1612165907&_gid=2104062448.1679988438&_u=aEBAAEAAAAAAACAAI~&z=72554236 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://binarium.cool
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://binarium.cool
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Mar 2023 07:26:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 718fd0a69c546765a1e4fb756d2c6660
f179206be32ab202458745c8b5b009faf236ba72
971bd81d829ea0f8aa54ef71cce89a5b8e1f1e4a87cb94c206770b2a233ccf0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 07:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
balancer-cloud.livetex.ru/get-client/?site_id=123917&version=1.2.36&target=settings_path&rnd=ad6q09vbxxs
185.39.80.120 302 Found 0 B URL HTTP/2 balancer-cloud.livetex.ru/get-client/?site_id=123917&version=1.2.36&target=settings_path&rnd=ad6q09vbxxs
IP 185.39.80.120:0
ASN #200015 Omnichannel technologies LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get-client/?site_id=123917&version=1.2.36&target=settings_path&rnd=ad6q09vbxxs HTTP/1.1
Host: balancer-cloud.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://binarium.cool
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 28 Mar 2023 07:26:59 GMT
content-length: 0
location: //widgets-04.livetex.ru/js/widgetsSettings.json
expires: Tue, 28 Mar 2023 07:26:58 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
access-control-allow-origin: https://binarium.cool
access-control-allow-credentials: true
X-Firefox-Spdy: h2
widgets-04.livetex.ru/js/widgetsSettings.json
185.39.80.62 200 OK 823 B URL HTTP/2 widgets-04.livetex.ru/js/widgetsSettings.json
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text
Hash f830088a7501e0371ac3de586ac83510
ccc443c2036f9ae9752a76318446a82e1150ff8a
1fa82e973cd370596fed3d7647743fd6f5108792fdc816237a4530b600129e47
GET /js/widgetsSettings.json HTTP/1.1
Host: widgets-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://binarium.cool/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:59 GMT
content-type: application/json
content-length: 823
last-modified: Mon, 16 Jan 2023 11:05:31 GMT
etag: "63c52f7b-337"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
balancer-cloud.livetex.ru/get-client/?site_id=123917&version=1.2.36&target=path&rnd=vj56hfxkoqp
185.39.80.168 302 Found 0 B URL HTTP/2 balancer-cloud.livetex.ru/get-client/?site_id=123917&version=1.2.36&target=path&rnd=vj56hfxkoqp
IP 185.39.80.168:0
ASN #200015 Omnichannel technologies LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get-client/?site_id=123917&version=1.2.36&target=path&rnd=vj56hfxkoqp HTTP/1.1
Host: balancer-cloud.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 28 Mar 2023 07:26:59 GMT
content-length: 0
location: //widgets-04.livetex.ru/js/app3.js
expires: Tue, 28 Mar 2023 07:26:58 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
access-control-allow-credentials: true
X-Firefox-Spdy: h2
widgets-04.livetex.ru/js/app3.js
185.39.80.62 200 OK 117 kB URL HTTP/2 widgets-04.livetex.ru/js/app3.js
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (116851 bytes)
Hash e3d447a518c3a22eba0acb79b6c51d6c
67eda135e7bc44c758d9d9229f93e51a447699bc
fdffb618195fbd3465804776a0a2072776ee59545165e9c4952e21f677f46ef1
GET /js/app3.js HTTP/1.1
Host: widgets-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://binarium.cool/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:59 GMT
content-type: application/javascript
content-length: 116851
etag: "63c52389-1c873"
access-control-allow-credentials: true
cache-control: no-cache
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
widgets-04.livetex.me/js/iframe.html
172.67.74.3 200 OK 0 B URL HTTP/2 widgets-04.livetex.me/js/iframe.html
IP 172.67.74.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /js/iframe.html HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://binarium.cool/
Origin: https://binarium.cool
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:59 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwEwxHdqMjgSdTL2vqO1aUjYnUs9RrK82FfaJtKEOG8RVhrY5PXvdnih53sdoKpz9zWZ1h4Gn27YOBjDw4RClzib9vRcdBDy03ie%2Fq7Gwnd0mgIW7wBqahNugaCcZd9xF7ihAdlSQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aee25e79b1d1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
balancer-04.livetex.ru/services/?site_id=123917&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http&client=widget&version=7.1.1229
185.39.80.62 200 OK 510 B URL HTTP/2 balancer-04.livetex.ru/services/?site_id=123917&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http&client=widget&version=7.1.1229
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with very long lines (510), with no line terminators
Hash f8109ab23eb78518e4c73e1016640110
f4d99a4c7d0ab0b4c27071d401148ed8f97f67a7
0f009adee148b2bcd756d4332898e660fa25c5ebb442bac4bee2c450dec94cdf
GET /services/?site_id=123917&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http&client=widget&version=7.1.1229 HTTP/1.1
Host: balancer-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://binarium.cool/
Origin: https://binarium.cool
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:59 GMT
content-type: text/plain; charset=UTF-8
content-length: 510
strict-transport-security: max-age=15724800; includeSubDomains
expires: Tue, 28 Mar 2023 07:26:58 GMT
cache-control: no-cache, public
access-control-allow-origin: https://binarium.cool
access-control-allow-credentials: true
X-Firefox-Spdy: h2
widgets-04.livetex.me/css/widgets/123917.css
172.67.74.3 200 OK 35 kB URL HTTP/2 widgets-04.livetex.me/css/widgets/123917.css
IP 172.67.74.3:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 530572ca44b0af0f76168d21efad3474
4898730f3eb8a3c0b4507b55e6ab9c153dd1f85f
749eebdf59dc8777bb228a7a368215e83dfb0146c3ad05208f3bfbf4c3e787f1
GET /css/widgets/123917.css HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://binarium.cool
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-type: text/css
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public,max-age=0,s-maxage=7200
cf-bgj: minify
cf-polished: origSize=285362
last-modified: Tue, 28 Mar 2023 06:45:32 GMT
cf-cache-status: HIT
age: 2124
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8ocvTxaQ0JWHgGoZEcy1jJ%2BfkcjocHKQAJJToHU1KcWn0hxgGbRhlWL1teJs3XshrmWcEjrxahVTimgd6K37Due1PpscQsq58dTvzyu%2FwzOZpgoVw7UDPxMtudj%2BdOnxjaX%2FLlVuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee25e9daa8b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
io2-ls-04.livetex.ru/visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=pimd6rlp5u&_h[lt-origin]=account%3A146400%3Asite%3A123917
185.39.80.62 200 OK 519 B URL HTTP/2 io2-ls-04.livetex.ru/visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=pimd6rlp5u&_h[lt-origin]=account%3A146400%3Asite%3A123917
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type ASCII text, with very long lines (519), with no line terminators
Hash 3e57dba3f5ad66ba157b86349b56653b
5d8557baabe4281774153e838aba068b9d7981c6
bef23d7ba360fda1f2674f69678ddc050ab6287ea8e9e2023ecdabb1e25b53b2
GET /visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=pimd6rlp5u&_h[lt-origin]=account%3A146400%3Asite%3A123917 HTTP/1.1
Host: io2-ls-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-type: text/javascript
content-length: 519
set-cookie: 111rjfm=io:io-1-kube-livetex-ru:session:o4ytxhce1n0evtctedn29;expires=Tue, 11 Apr 2023 07:27:00 GMT;path=/;domain=livetex.ru;httponly
strict-transport-security: max-age=15724800; includeSubDomains
expires: Tue, 28 Mar 2023 07:26:59 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
X-Firefox-Spdy: h2
balancer-04.livetex.ru/services/?account_id=146400&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1229&0.46278930241074445
185.39.80.62 200 OK 784 B URL HTTP/2 balancer-04.livetex.ru/services/?account_id=146400&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1229&0.46278930241074445
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with very long lines (784), with no line terminators
Hash dceb3ae7fdeadcacc60ca8a834e8a2f3
a848cba2bcb8d0b1c95add1db1daec8c4056decf
a56aa87a50f3a363a1399279cde29f6228283d38fbac94df375f69a5675282c5
GET /services/?account_id=146400&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1229&0.46278930241074445 HTTP/1.1
Host: balancer-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widgets-04.livetex.me
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-type: text/plain; charset=UTF-8
content-length: 784
strict-transport-security: max-age=15724800; includeSubDomains
expires: Tue, 28 Mar 2023 07:26:59 GMT
cache-control: no-cache, public
access-control-allow-origin: https://widgets-04.livetex.me
access-control-allow-credentials: true
X-Firefox-Spdy: h2
io2-ls-04.livetex.ru/poll/0/1679988440336?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=7vwwedbtk1k&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3Ao4ytxhce1n0evtctedn29
185.39.80.62 200 OK 101 B URL HTTP/2 io2-ls-04.livetex.ru/poll/0/1679988440336?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=7vwwedbtk1k&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3Ao4ytxhce1n0evtctedn29
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type ASCII text, with no line terminators
Hash cd97d9725257ac5a0538a48a2797830d
7f4c6d1850c8abe0323a2a611235bd8440c992b6
3b4240ee6077ac52c79a3f32fdcc9b5e1066e6e8470a03dfcc7c5494587c07a7
GET /poll/0/1679988440336?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=7vwwedbtk1k&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3Ao4ytxhce1n0evtctedn29 HTTP/1.1
Host: io2-ls-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-type: text/javascript
content-length: 101
strict-transport-security: max-age=15724800; includeSubDomains
expires: Tue, 28 Mar 2023 07:26:59 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
X-Firefox-Spdy: h2
widgets-04.livetex.me/js/iframe.html?host-page-origin=https://binarium.cool
172.67.74.3 200 OK 79 kB URL HTTP/2 widgets-04.livetex.me/js/iframe.html?host-page-origin=https://binarium.cool
IP 172.67.74.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1628), with no line terminators
Hash e5a214759a08ad0b3f24f93b85b4057b
cfcfbf70376b7a3375d79a404248b7b6069244e2
6846aa274cbccaf344ce66f1ace6035797ad2f47e0b35d688eccead7a9bd2f60
GET /js/iframe.html?host-page-origin=https://binarium.cool HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:59 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7LJgCCO4r4%2FD9oY8ROtyeuAZLryYSqLoaXzv9TYNz2hZGHczAGf6KqyaRCWxiMMPpPS9P8XhSOihriOh9EtoZhMHWf%2FfufZOx9ewnlbUUxtkLpeWrTUUlUVy9OuFrTv2EN2RoXiOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aee25e82871b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
wapi-04.livetex.ru/WidgetsAPIServiceTag
185.39.80.62 200 OK 78 B URL HTTP/2 wapi-04.livetex.ru/WidgetsAPIServiceTag
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 7767b627809c4786bdc597e78e9522ef
12faf308dd04864c38fa6625bd80e18b91864396
6bf7959a9b77d03809ee21c84c89119a6167ac3bd095bc5af50c2c66b3d2e0ff
POST /WidgetsAPIServiceTag HTTP/1.1
Host: wapi-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 171
Origin: https://widgets-04.livetex.me
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-length: 78
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://widgets-04.livetex.me
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
X-Firefox-Spdy: h2
io2-ls-04.livetex.ru/site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A146400%3Asite%3A123917%3Apage%3A88ipf4xph78%22%3A%7B%22seo_referrer%22%3A%22aHR0cDovL2Jpbi5nZC8%3D%22%2C%22referrer%22%3A%22aHR0cDovL2Jpbi5nZC8%3D%22%2C%22page_title%22%3A%22QmluYXJpdW0%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly9iaW5hcml1bS5jb29sL2xwL2VmZmVjdGl2ZS1pbnZlc3RtZW50cz9wYXJ0bmVyX2lkPXAyMjM1OXAxNDAxMDdwYWE4OCZzdWJpZD0yMDIzMDMyODA3MjY1Nng5MDkxOQ%3D%3D%22%7D%7D%7D&_rnd=xtjufbxt9r9&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3Ao4ytxhce1n0evtctedn29
185.39.80.62 200 OK 283 B URL HTTP/2 io2-ls-04.livetex.ru/site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A146400%3Asite%3A123917%3Apage%3A88ipf4xph78%22%3A%7B%22seo_referrer%22%3A%22aHR0cDovL2Jpbi5nZC8%3D%22%2C%22referrer%22%3A%22aHR0cDovL2Jpbi5nZC8%3D%22%2C%22page_title%22%3A%22QmluYXJpdW0%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly9iaW5hcml1bS5jb29sL2xwL2VmZmVjdGl2ZS1pbnZlc3RtZW50cz9wYXJ0bmVyX2lkPXAyMjM1OXAxNDAxMDdwYWE4OCZzdWJpZD0yMDIzMDMyODA3MjY1Nng5MDkxOQ%3D%3D%22%7D%7D%7D&_rnd=xtjufbxt9r9&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3Ao4ytxhce1n0evtctedn29
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type ASCII text, with no line terminators
Hash 7116d5cf5eb8906a51d2eecbb25f7353
12705c4f3f2f05be7d036fbc855c5cf62615dd80
1da1a28861c4fae0f3ef0a6fc1cc22f99857f0b2751c3ebbb182599f8d9876c6
GET /site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A146400%3Asite%3A123917%3Apage%3A88ipf4xph78%22%3A%7B%22seo_referrer%22%3A%22aHR0cDovL2Jpbi5nZC8%3D%22%2C%22referrer%22%3A%22aHR0cDovL2Jpbi5nZC8%3D%22%2C%22page_title%22%3A%22QmluYXJpdW0%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly9iaW5hcml1bS5jb29sL2xwL2VmZmVjdGl2ZS1pbnZlc3RtZW50cz9wYXJ0bmVyX2lkPXAyMjM1OXAxNDAxMDdwYWE4OCZzdWJpZD0yMDIzMDMyODA3MjY1Nng5MDkxOQ%3D%3D%22%7D%7D%7D&_rnd=xtjufbxt9r9&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3Ao4ytxhce1n0evtctedn29 HTTP/1.1
Host: io2-ls-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-type: text/javascript
content-length: 283
strict-transport-security: max-age=15724800; includeSubDomains
expires: Tue, 28 Mar 2023 07:26:59 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
X-Firefox-Spdy: h2
widgets-04.livetex.me/images/preloader.gif
172.67.74.3 200 OK 4.0 kB URL HTTP/2 widgets-04.livetex.me/images/preloader.gif
IP 172.67.74.3:0
File type GIF image data, version 89a, 132 x 12\012- data
Hash fd9a34f0d404a57d675c4dc84f7c9b2f
0e872de1ed8970c54594b7eb39c1ccb294947d2c
67efea367418257aaa5cd14e446ef9b6d48231fef881ac1a5b9f39732911e918
GET /images/preloader.gif HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-type: image/gif
content-length: 3960
last-modified: Mon, 16 Jan 2023 10:12:29 GMT
etag: "63c5230d-f78"
expires: Tue, 28 Mar 2023 18:53:30 GMT
cache-control: max-age=86400
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
cf-cache-status: HIT
age: 28528
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8adIWCdeoxxQGsUksYJ9oUhhkUcKNlzhMQXfUolM1AtXXQQai3Pdx9sgJIlrpkDMhK907kmTQaL0pMp3pwBRks95Jmxx2VGarj5np4Nhd6JZ03DXn9b7PD7B8uM7y%2Btv1mv3nNw9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee25ebfd1bb521-OSL
X-Firefox-Spdy: h2
wapi-04.livetex.ru/WidgetsAPIServiceTag
185.39.80.62 200 OK 45 B URL HTTP/2 wapi-04.livetex.ru/WidgetsAPIServiceTag
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 74a5598466f7a5496d1fb018c7a6fc0b
ea750b64d6fbbea5206c0b35e0a09822d92a6b59
ea7762b92554ce0545a4846053f5d9213ba4ca8c3ea2b08b1b21ab3707b87069
POST /WidgetsAPIServiceTag HTTP/1.1
Host: wapi-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 153
Origin: https://widgets-04.livetex.me
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-length: 45
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://widgets-04.livetex.me
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
X-Firefox-Spdy: h2
widgets-04.livetex.me/images/footer_bg.png
172.67.74.3 200 OK 547 B URL HTTP/2 widgets-04.livetex.me/images/footer_bg.png
IP 172.67.74.3:0
File type PNG image data, 114 x 26, 8-bit colormap, non-interlaced\012- data
Hash 51aaf8b6c838da34defc559255265cdb
60a12d1c9d6957539f5b00cb2f5a97ce493c0ecd
f2a1b8d81d0c8cb8f69b1ce1f3ad8ee2a795f5d9befa267b9fd54892c76c91b5
GET /images/footer_bg.png HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-type: image/png
content-length: 547
last-modified: Mon, 16 Jan 2023 10:12:29 GMT
etag: "63c5230d-223"
expires: Tue, 28 Mar 2023 18:53:41 GMT
cache-control: max-age=86400
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
cf-cache-status: HIT
age: 9327
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ReuoaJqG3yQLYcktdaz7vtkDyF3m0qlJVC8Ja5Bz9ZA9%2FnqwY%2FAOndfMFC%2F3gCMSSHasZ0axA9KVYsnxFD8fWEO5mcQisIJ%2Ft0wk6WKc2psAINNyZjzVHC%2B%2FhxDER0kLg9%2FtonlhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee25ec3d81b521-OSL
X-Firefox-Spdy: h2
widgets-04.livetex.me/fonts/icons.ttf
172.67.74.3 200 OK 79 kB URL HTTP/2 widgets-04.livetex.me/fonts/icons.ttf
IP 172.67.74.3:0
File type PNG image data, 412 x 716, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f50a4175dd4bc8ac7ef0c183a5cb769
761007ffef1265715b57b27c858472d0aa492006
c1fa2ce1ea01ddbe870cf079cfd09f915e3a8aeb3814a938f787c55fcea49ecd
GET /fonts/icons.ttf HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://binarium.cool
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:00 GMT
content-type: application/octet-stream
content-length: 7156
last-modified: Mon, 16 Jan 2023 10:12:29 GMT
etag: "63c5230d-1bf4"
expires: Thu, 30 Mar 2023 16:33:32 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
cf-cache-status: HIT
age: 397349
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUmNHfxvvNYRP95E%2FSxGnyxOXLxA%2BZ3dI2Jumg5iCqLVLO4dRGEG1ZhE0cj%2F4%2BlIfD%2FpppSBNAptw%2Ff8uFLajLJYTYjPGwHy79r97NAh7srwLZqKExc5JgAipuWJ10nswK3ID39DVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee25ec4fc51c16-OSL
X-Firefox-Spdy: h2
balancer-04.livetex.ru/services/?account_id=146400&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1229&0.7926882896835866
185.39.80.62 200 OK 784 B URL HTTP/2 balancer-04.livetex.ru/services/?account_id=146400&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1229&0.7926882896835866
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with very long lines (784), with no line terminators
Hash dceb3ae7fdeadcacc60ca8a834e8a2f3
a848cba2bcb8d0b1c95add1db1daec8c4056decf
a56aa87a50f3a363a1399279cde29f6228283d38fbac94df375f69a5675282c5
GET /services/?account_id=146400&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1229&0.7926882896835866 HTTP/1.1
Host: balancer-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widgets-04.livetex.me
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 784
strict-transport-security: max-age=15724800; includeSubDomains
expires: Tue, 28 Mar 2023 07:27:04 GMT
cache-control: no-cache, public
access-control-allow-origin: https://widgets-04.livetex.me
access-control-allow-credentials: true
X-Firefox-Spdy: h2
vnds-i3-04.livetex.ru/vnds-i3-04
185.39.80.62 200 OK 110 B URL HTTP/2 vnds-i3-04.livetex.ru/vnds-i3-04
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 44e7bfe50ec1f4a77288b1040e1f0bea
c31749b6bb00826d057fafc4fc039b7815992164
ca3375eb5dcf6b91edbbc157a75a0219342871e41623a1e186cf70506287f538
POST /vnds-i3-04 HTTP/1.1
Host: vnds-i3-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 171
Origin: https://widgets-04.livetex.me
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:05 GMT
content-length: 110
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://widgets-04.livetex.me
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
X-Firefox-Spdy: h2
vnds-i3-04.livetex.ru/vnds-i3-04
185.39.80.62 200 OK 38 B URL HTTP/2 vnds-i3-04.livetex.ru/vnds-i3-04
IP 185.39.80.62:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 2e08de4b1e232b63c9ba497fb270a6d7
94220e530ea612fc7e9d4c2576cbbaa3bf67ff67
cbe81df686e614f73e5adabe17ca73c8ebed8b96a0097aa1c514107d4032d4a5
POST /vnds-i3-04 HTTP/1.1
Host: vnds-i3-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 189
Origin: https://widgets-04.livetex.me
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:27:05 GMT
content-length: 38
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://widgets-04.livetex.me
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tFYFwzjyNtfiOJ3pLPC126YgOclndkmPYWrFTdLcWP9LgP9xjj_snQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 23:10:22 GMT
age: 29803
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cash.mmm-bop.com/static/cash-react/build/js/cashierRenderer.js
104.21.28.80 200 OK 0 B URL HTTP/2 cash.mmm-bop.com/static/cash-react/build/js/cashierRenderer.js
IP 104.21.28.80:0
GET /static/cash-react/build/js/cashierRenderer.js HTTP/1.1
Host: cash.mmm-bop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:57 GMT
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 19:20:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
cf-cache-status: HIT
age: 2338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpCireuQ4D0Uuo5pl%2FIfptF%2BsPCL12d2evgKk7FeStIKqBnFf%2BRb%2BDvEGwaQ8cFnbTp4nTGMEzqxG0XdWxfIeY%2FD0z%2BfL12sPM1R7EpOcWPuvWETKMPdVTdmVa8zMZpLcAbf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee25d9f9410b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.isas.info/api/v1/users/self/geolocation
172.67.137.223 200 OK 0 B URL HTTP/2 api.isas.info/api/v1/users/self/geolocation
IP 172.67.137.223:0
GET /api/v1/users/self/geolocation HTTP/1.1
Host: api.isas.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://binarium.cool
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:58 GMT
content-type: application/json
x-powered-by: PHP/8.1.12
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: X-JWT, X-EXTRA-JWT, If-Modified-Since, Cache-Control, Content-Type, Accept-Language, Fingerprint, g-recaptcha-response
access-control-expose-headers: X-Pagination-Size
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpynVCMdKtN1nNyeZ2YW51pzFel3a%2BNUUJzZyOvtZEZ22fK9UkD8sGPOqfPwjLIrkThzS0x5fQD38EhhcEc6Aod7HaqGngBY%2F6a9OplVMgIm70PA99nYNQF%2B76UsU8iC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aee25ddeeda0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=IBM+Plex+Sans:400,600,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=IBM+Plex+Sans:400,600,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
IP 142.250.74.74:0
GET /css?family=IBM+Plex+Sans:400,600,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Mar 2023 07:26:57 GMT
date: Tue, 28 Mar 2023 07:26:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widgets-04.livetex.me/js/ui.7.1.1229.js
172.67.74.3 200 OK 0 B URL HTTP/2 widgets-04.livetex.me/js/ui.7.1.1229.js
IP 172.67.74.3:0
GET /js/ui.7.1.1229.js HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 07:26:59 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cf-bgj: minify
cf-polished: origSize=1157968
etag: W/"63c5237f-11ab50"
last-modified: Mon, 16 Jan 2023 10:14:23 GMT
cf-cache-status: HIT
age: 3513
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9mht5Y2jCWk%2Fx7JgBUD%2BsyuvA%2FrX6XD49ie6Os7cbS8%2Fl%2FIxwUWPy1KQ7g%2FgP5ufFLggmzomAijb1PhrgeUmzlc1GgZlzK2bxJKZv2FHVKrlkVRgpplWjYlG%2F1GYLRNkbroMSGJSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee25e8286db521-OSL
content-encoding: br
X-Firefox-Spdy: h2
cs15.livetex.ru/js/client.js
185.39.80.168 200 OK 0 B URL HTTP/2 cs15.livetex.ru/js/client.js
IP 185.39.80.168:0
ASN #200015 Omnichannel technologies LLC
GET /js/client.js HTTP/1.1
Host: cs15.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 07:26:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sun, 05 Feb 2023 06:32:47 GMT
etag: W/"63df4d8f-690"
expires: Wed, 29 Mar 2023 07:26:58 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2
binarium.cool/lp/effective-investments/?partner_id=p22359p140107paa88&subid=20230328072656x90919
104.21.10.75 404 Not Found 0 B URL HTTP/2 binarium.cool/lp/effective-investments/?partner_id=p22359p140107paa88&subid=20230328072656x90919
IP 104.21.10.75:0
GET /lp/effective-investments/?partner_id=p22359p140107paa88&subid=20230328072656x90919 HTTP/1.1
Host: binarium.cool
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bin.gd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 28 Mar 2023 07:26:57 GMT
content-type: text/html
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXJIakuQCLCe8Wvh4x21uFA%2ByQo31TicdzYB%2BYvApcdu8kNSnC%2Fa690val3a2PU1p47PwMOVty65X2nhkOOs5DKfQmyZHSI%2B8rnmAcDtrsFyW%2BjzuTrli4o%2BKdMNNX0m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aee25d92a4eb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2