Overview

URLganjaplan.7fi.ru/login.php
IP 91.194.2.84 (Russia)
ASN#51520 RealHost Ltd.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 21:06:47 UTC
StatusLoading report..
IDS alerts0
Blocklist alert5
urlquery alerts No alerts detected
Tags None

Domain Summary (24)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (10) 344 No data No data 23.36.76.226
w.uptolike.com (10) 101818 2013-08-05 13:26:12 UTC 2022-11-30 01:11:17 UTC 95.163.114.204
af.click.ru (1) 135475 2021-12-09 09:15:00 UTC 2022-11-29 12:58:01 UTC 217.197.112.80
vk.com (2) 2243 2012-05-21 15:01:19 UTC 2022-11-30 04:11:14 UTC 87.240.132.78
connect.ok.ru (2) 20169 2012-12-05 13:46:44 UTC 2022-11-30 04:48:47 UTC 217.20.152.207
ganjaplan.7fi.ru (15) 0 2014-02-11 22:28:30 UTC 2022-11-26 15:33:21 UTC 91.194.2.84 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 04:06:04 UTC 34.117.237.239
mc.yandex.ru (10) 2672 2012-05-21 09:38:30 UTC 2022-11-30 04:08:52 UTC 87.250.250.119
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.210.158.59
cntrsync.ru (1) 0 2022-11-23 18:58:34 UTC 2022-11-29 22:16:11 UTC 92.63.102.100 Unknown ranking
cdn.smntq.com (1) 194212 No data No data 95.217.109.66
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 04:06:17 UTC 34.102.187.140
yandex.st (1) 46311 2012-05-22 22:19:28 UTC 2022-11-30 04:11:02 UTC 178.154.131.216
ocsp.globalsign.com (6) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.21.226
counter.yadro.ru (2) 7275 2014-09-09 18:41:17 UTC 2022-11-30 04:05:58 UTC 88.212.202.52
ocsp2.globalsign.com (2) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.20.226
supraneet.ru (1) 0 2022-10-04 16:57:41 UTC 2022-11-29 12:58:12 UTC 62.109.6.15 Unknown ranking
api.pinterest.com (2) 2281 2014-07-14 09:37:32 UTC 2020-04-20 13:46:01 UTC 2.18.172.195
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.193.229
r3.o.lencr.org (10) 344 No data No data 23.33.119.27
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
connect.mail.ru (2) 47433 2012-05-21 15:01:23 UTC 2020-04-29 13:28:56 UTC 94.100.180.54

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 ganjaplan.7fi.ru/login.php Phishing
2022-11-30 2 ganjaplan.7fi.ru/style/mobile.css?2 Phishing
2022-11-30 2 ganjaplan.7fi.ru/js/extra.js?v=1 Phishing
2022-11-30 2 ganjaplan.7fi.ru/js/libs.min.js?v=2 Phishing
2022-11-30 2 ganjaplan.7fi.ru/vc?408847;0;0.5581584050991749 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 91.194.2.84
Date UQ / IDS / BL URL IP
2023-01-28 03:09:18 +0000 0 - 8 - 0 justiceleague.rolevaya.ru/ 91.194.2.84
2023-01-16 23:49:26 +0000 0 - 11 - 0 schoollife.fludilka.su/login.php?action=forget 91.194.2.84
2023-01-14 03:58:30 +0000 0 - 7 - 0 zarabotok.forumrpg.ru/viewtopic.php?id=4007 91.194.2.84
2023-01-04 18:59:13 +0000 0 - 34 - 3 amateursims3.mybb.ru/viewtopic.php?id=225&p=2 91.194.2.84
2023-01-03 17:14:18 +0000 0 - 1 - 0 zarabotok.forumrpg.ru/login.php 91.194.2.84


Last 5 reports on ASN: RealHost Ltd.
Date UQ / IDS / BL URL IP
2023-01-28 03:09:18 +0000 0 - 8 - 0 justiceleague.rolevaya.ru/ 91.194.2.84
2023-01-16 23:49:26 +0000 0 - 11 - 0 schoollife.fludilka.su/login.php?action=forget 91.194.2.84
2023-01-16 13:03:49 +0000 0 - 1 - 0 immo-master.ru/downloads/ARNAVI_ESM_Configura (...) 91.194.2.147
2023-01-14 03:58:30 +0000 0 - 7 - 0 zarabotok.forumrpg.ru/viewtopic.php?id=4007 91.194.2.84
2023-01-04 18:59:13 +0000 0 - 34 - 3 amateursims3.mybb.ru/viewtopic.php?id=225&p=2 91.194.2.84


Last 3 reports on domain: 7fi.ru
Date UQ / IDS / BL URL IP
2022-12-15 06:55:37 +0000 0 - 0 - 15 ganjaplan.7fi.ru/login.php 91.194.2.84
2022-12-12 04:13:21 +0000 0 - 0 - 5 ganjaplan.7fi.ru/viewtopic.php?id=378 91.194.2.84
2022-11-30 21:06:47 +0000 0 - 0 - 5 ganjaplan.7fi.ru/login.php 91.194.2.84


No other reports with similar screenshot

JavaScript

Executed Scripts (31)

Executed Evals (0)

Executed Writes (1)
#1 JavaScript::Write (size: 303) - SHA256: 4b8226f2d399a36594a9d530a50224ab1d99f7ad7f07e6aabc6a0cf2614a6a75
< a rel = 'nofollow'
href = 'http://www.liveinternet.ru/click;build2'
target = _blank > < img src = 'http://counter.yadro.ru/hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.6310387618249891'
alt = ''
title = 'LiveInternet: ?>:070=> G8A;> ?>A5B8B5;59 70 A53>4=O'
border = 0 width = 88 height = 15 > < /a>


HTTP Transactions (82)


Request Response
                                        
                                            GET /login.php HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: text/html; charset=windows-1251
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (713), with CRLF, LF line terminators
Size:   4477
Md5:    831465d67a45346f24b75c418ed4f469
Sha1:   0bc275b237875600eea3bc4f5f752df70b637321
Sha256: 68dbd7f7cd807563561565839e7494c6a64f2b15e8ce7f58d28b4d3aeda89ec1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10379
Expires: Wed, 30 Nov 2022 23:59:35 GMT
Date: Wed, 30 Nov 2022 21:06:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 883
Cache-Control: max-age=135566
Date: Wed, 30 Nov 2022 21:06:36 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 10:46:02 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 20:19:43 GMT
cache-control: public,max-age=3600
age: 2813
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4922
Expires: Wed, 30 Nov 2022 22:28:38 GMT
Date: Wed, 30 Nov 2022 21:06:36 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: GwEVMpD4fXdmhfvqHAhvYyerY9q1+YHv1wGECXbWggP6UcFSalBomHhfKQNXtvXTUJDQa+krXDc=
x-amz-request-id: RS6FK81DMRGWDDFW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 20:46:00 GMT
age: 1236
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 21:06:36 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /share/share.js HTTP/1.1 
Host: yandex.st
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/

search
                                         178.154.131.216
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx/1.17.9
Date: Wed, 30 Nov 2022 21:06:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Content-Encoding: gzip
Etag: W/"db7132f94e4730c128b638f72b46c899"
Expires: Sat, 03 Dec 2022 09:02:03 GMT
Last-Modified: Wed, 24 Oct 2018 16:00:42 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: 5c840979563b2591


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32058)
Size:   13696
Md5:    0846935dee0d2ebbb7af7cbce113d5b8
Sha1:   f07346e034d5ad76aa90b38e195500574aafbb4e
Sha256: 2b682e5417a0a08596a80bc834ffeb32948d54373b4020d54fac626e559c1270
                                        
                                            GET /style/Quicktime/Quicktime.css HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Last-Modified: Sun, 23 Mar 2008 19:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"47e6af7c-5445"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with CR, LF line terminators
Size:   4745
Md5:    75d236ac2714b7162dd73b6c4643cf88
Sha1:   4767ffaf017749041d57af8d3fb80465a1fe248a
Sha256: 5901a88742bc1c1a69b8155c105118615f592529932c7653b48b7b7fa4ea1176
                                        
                                            GET /style/extra.css?v=14 HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Last-Modified: Tue, 06 Apr 2021 06:46:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"606c03cd-5359"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (374)
Size:   5265
Md5:    0786b30c8750ff9f4d70b537371a3f9b
Sha1:   57e0e0afe8c9743f8fde7940fd8106e6c44e482c
Sha256: d447881e8abec1e2b5032a3889b407b4ca4ccedaa9adee6302903bda8ecb6d9e
                                        
                                            GET /style/mobile.css?2 HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Last-Modified: Mon, 01 Nov 2021 18:38:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61803432-3040"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   2745
Md5:    50bbfaed06b9ced48f1f9596a9778011
Sha1:   4900dc5bd03b4979970960a2b8d3f78e21513874
Sha256: 293d1cd9b43ee93b7d7db96893ed0cba0d357791fb163c09920144bd9415fed7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/extra.js?v=1 HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Last-Modified: Tue, 06 Apr 2021 06:46:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"606c03cd-1115"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1693
Md5:    19496073833e71e4a9944399d2fad541
Sha1:   feb283cb79b79ef146a950f52e7f36fd41f005c8
Sha256: fc634b35ef9a808f98b03d748c8c91d33b0f90a2c3f67c58a062e3d65e8cadf8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/libs.min.js?v=2 HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Last-Modified: Mon, 17 May 2021 05:58:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60a205fa-24703"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769)
Size:   50706
Md5:    651e10669f7f7c1832074fb3e3c9cbe3
Sha1:   a28847ef2a18d9aa63197314b9e41fa7439c2871
Sha256: 6d5466413ed92731bed64127979cd6f35d6b8a4ed38b46cf0d82c475e62b35e8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /style/Quicktime/Quicktime_cs.css HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime.css
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Last-Modified: Tue, 23 Oct 2012 14:54:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5086afa7-1620"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1328
Md5:    0344bcb09574e16ac0390dda246aee3e
Sha1:   b6f7a98b22fd936fccb594df1363fee654460287
Sha256: 57e672d7289f7142fb8e2fe0c212a132fae3a1a57aeaf348bf799ea6d4a14d08
                                        
                                            GET /img/Quicktime/bg.gif HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Content-Length: 2505
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-9c9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 10 x 396\012- data
Size:   2505
Md5:    7f876304d98e721cd423bcb5e29f6e16
Sha1:   9a25bb03827370eab74929a54fa968572ed3225a
Sha256: 614c8bb5379d6fe3688956e4239f56f36bb3a475c3dd374b61f706f2fdece7a4
                                        
                                            GET /vc?408847;0;0.5581584050991749 HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Expires: Tue, 29 Nov 2022 21:06:36 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /img/Quicktime/header.gif HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Content-Length: 887
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-377"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 10 x 30\012- data
Size:   887
Md5:    60230e68b051b086e119569b01f2fce7
Sha1:   44852369c83dea148d7c70a3fad17366be998c87
Sha256: d12f56e6f38108fb3d51fa1c9a3bfdd5c0331214d751e6e1a95375ad1a568e1c
                                        
                                            GET /img/Quicktime/menu.gif HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Content-Length: 107
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-6b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 32\012- data
Size:   107
Md5:    bbdaa5cf5b07d240d100b38f01e9638f
Sha1:   f2121250a0807803b852f3640307043288c22d0e
Sha256: aedfba8b8818e19c87611d4c789fd56296ae48b4622289c8e4f7eacee2eb2baf
                                        
                                            GET /img/Quicktime/h2.gif HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Content-Length: 189
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-bd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 5 x 24\012- data
Size:   189
Md5:    d3abd12058db5295bf645ae5c9ac735b
Sha1:   3fd353584dbcd774cc42f44a10bf22f6cbfaeff8
Sha256: 8ab842a2289c06fc9e98c34510dfba617932ab30e40a45630f9ba8824398e273
                                        
                                            GET /npm/yandex-metrica-watch/watch.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.249.0
x-jsd-version-type: version
etag: W/"28441-HHcPD8UUl0943tDpENjh6gMs5yQ"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 30 Nov 2022 21:06:36 GMT
age: 9689
x-served-by: cache-fra-eddf8230043-FRA, cache-bma1677-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 66654
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Size:   66654
Md5:    abdd26bf39ab05e9898e3cf1ddbd3fd9
Sha1:   93521bf8e710e9ec024f0e9e24441ccd81c4a6f1
Sha256: 06c56ad9020dc6ef1a5d0141d5c172c0029d18f2dafe0b79a84bb0c4db2aa52d
                                        
                                            GET /img/Quicktime/arrow.gif HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/Quicktime/Quicktime_cs.css
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Content-Length: 918
Last-Modified: Sun, 23 Mar 2008 19:37:00 GMT
Connection: keep-alive
ETag: "47e6b15c-396"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 10 x 10\012- data
Size:   918
Md5:    5cd24532edd6c00a9c80ac7a57b62d83
Sha1:   1afa97e0e6893e85052af614eddb772789c2a04b
Sha256: 4db68bae0de18a9d3029957354ddc3be4e12ce43bb92e8e2d78b5ed6a32c3e66
                                        
                                            GET /i/social.1.png HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/style/extra.css?v=14
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:47 GMT
Content-Length: 4054
Last-Modified: Sun, 08 May 2016 08:05:17 GMT
Connection: keep-alive
ETag: "572ef33d-fd6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 588 x 16, 8-bit colormap, non-interlaced\012- data
Size:   4054
Md5:    b53cf2aa68a567b3376d84c16960f486
Sha1:   fdc4d2c2913073ce611c68e4e0d5ae56b87ec3a1
Sha256: 693e8cfadcb3433b03a5f30d94ee7c2ba5a3cb73840f4a9eae225851309eaf6a
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 21:06:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "91540B542626EF3EE980A6226E7A23949DC0E8C1"
Expires: Thu, 01 Dec 2022 08:00:00 GMT
Last-Modified: Wed, 30 Nov 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3294
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77268c430f05b50f-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    69c4e9839d1ccda984f248e4c6943c93
Sha1:   24b56e70c29ff08b11b558422c63bfae7efa8d58
Sha256: 5793540874df1ca3427ddac022e9657761c33540c31a389a07ab034567a65c3e
                                        
                                            GET /widgets/v1/uptolike.js HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/

search
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=29792991842; Expires=Fri, 29 Nov 2024 21:06:36 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure utl_dat="COXL89LMMBAAIOWcvtvMMCjlnL7bzDAwACtMmeDm9tW8j8Dsrzgo9yg="; Expires=Fri, 29 Nov 2024 21:06:36 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=1800
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Expires: Wed, 30 Nov 2022 21:36:36 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (565)
Size:   8326
Md5:    6075742d564fbc306a88508d7e0e5d3d
Sha1:   769855acd94bae595564826b23fa3f738c806799
Sha256: cda0005e8be6a96fed733b0ea7cfa06fbcb3123c3692ed3d3ce7e8ee83587c63
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ganjaplan.7fi.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/login.php
Cookie: uid=W8ICVGOHxec9F3e5BVG9AgA=

search
                                         91.194.2.84
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:48 GMT
Content-Length: 318
Last-Modified: Thu, 03 May 2012 17:37:31 GMT
Connection: keep-alive
ETag: "4fa2c25b-13e"
Expires: Fri, 30 Dec 2022 21:06:48 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size:   318
Md5:    840e141d31c8e6ac1dd25b3ef7e14996
Sha1:   173f3fff8e64cd778cf9ed03cfac4c041bb1f4ea
Sha256: 2bf8aacfcde39096ca3437a9600810125b7694b56436e33e4417bbc7fa831686
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 20:11:14 GMT
cache-control: public,max-age=3600
age: 3322
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.6310387618249891 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/

search
                                         88.212.202.52
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Wed, 30 Nov 2022 21:06:36 GMT
Server: 0W/0.8c
Location: https://counter.yadro.ru/hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.6310387618249891
Content-Length: 32
Expires: Tue, 30 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 21:06:36 GMT
Content-Length: 937
Connection: keep-alive
Expires: Sun, 04 Dec 2022 18:10:12 GMT
ETag: "1ae38cdba014baeabca1a98172bf3f219a1eceaa"
Last-Modified: Wed, 30 Nov 2022 18:10:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3406
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77268c43e85bb50f-OSL

                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 73267
date: Wed, 30 Nov 2022 21:06:36 GMT
access-control-allow-origin: *
etag: "63875d46-11e33"
expires: Wed, 30 Nov 2022 22:06:36 GMT
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Size:   73267
Md5:    1d79426653c3b55939eaec59a2ce8ef5
Sha1:   c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
Sha256: 2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
                                        
                                            GET /watch/59396/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A547%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1646660671426%3Ahid%3A104030318%3Az%3A0%3Ai%3A20221130210635%3Aet%3A1669842395%3Ac%3A1%3Arn%3A614811662%3Arqn%3A1%3Au%3A1669842395640894071%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A41%2C29%2C78%2C2%2C-5%2C0%2C%2C405%2C7%2C%2C%2C%2C595%3Ans%3A1669842394695%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669842396%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 419
date: Wed, 30 Nov 2022 21:06:36 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 21:06:36 GMT
last-modified: Wed, 30-Nov-2022 21:06:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size:   419
Md5:    ac2603472395dc9d3d99140912d5ec44
Sha1:   006798898c611a61d7d03bea0080c549eb0ac71c
Sha256: a2e49f658f4367bcaf7d22ce6c2bb150363c41efab352e51c985c2fb202470b3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A1B688051BE3AF02A846DA196922AC0FC9CB080B46A18DA6AEB442D9CDBCCB72"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7014
Expires: Wed, 30 Nov 2022 23:03:31 GMT
Date: Wed, 30 Nov 2022 21:06:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 870
Cache-Control: max-age=130484
Date: Wed, 30 Nov 2022 21:06:37 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:21:21 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /widgets/v1/version.js?cb=cb__utl_cb_share_1669842395536267 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Nov 2022 19:31:36 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=29792991898; Expires=Fri, 29 Nov 2024 21:06:37 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure utl_dat="CKDP89LMMBAAIKCgvtvMMCigoL7bzDAwALwc/oDfs8/Cw5tp12bzO1c="; Expires=Fri, 29 Nov 2024 21:06:37 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   83
Md5:    4ba1eb98dc0b25e6c9b7ea4716adb40c
Sha1:   a950e874bbdea112050078754bd0eff681047cf1
Sha256: 5aa46d3efffc62a4a8a70d048045392adc964c32d6730aa9ecad2057427c6f25
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Wed, 30 Nov 2022 21:06:37 GMT
access-control-allow-origin: *
etag: "63875d46-2b"
expires: Wed, 30 Nov 2022 22:06:37 GMT
accept-ranges: bytes
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/201230?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A547%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A489318567619%3Ahid%3A104030318%3Az%3A0%3Ai%3A20221130210635%3Aet%3A1669842396%3Ac%3A1%3Arn%3A521588164%3Arqn%3A1%3Au%3A1669842395640894071%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A41%2C29%2C78%2C2%2C-5%2C0%2C%2C405%2C7%2C%2C%2C%2C595%3Ans%3A1669842394695%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669842396%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 302 Found
                                        
location: /watch/201230/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A547%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A489318567619%3Ahid%3A104030318%3Az%3A0%3Ai%3A20221130210635%3Aet%3A1669842396%3Ac%3A1%3Arn%3A521588164%3Arqn%3A1%3Au%3A1669842395640894071%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A41%2C29%2C78%2C2%2C-5%2C0%2C%2C405%2C7%2C%2C%2C%2C595%3Ans%3A1669842394695%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669842396%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 30 Nov 2022 21:06:37 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
set-cookie: yandexuid=7342417201669842397; Expires=Thu, 30-Nov-2023 21:06:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=7342417201669842397; Expires=Thu, 30-Nov-2023 21:06:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=576799551669842397; Path=/; SameSite=None; Secure i=2GswpAwkMhLFBMZpl8AuKY91LQXEoa+/o/bC4sb9OhcFOLrs4UQaB446Ou8+0t+mrS1/NRj12MQrX/NK+ZK3i7+onQ8=; Expires=Sat, 27-Nov-2032 21:06:34 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1701378397.yc.1669842397#1701378397.yrts.1669842397#1701378397.yrtsi.1669842397; Expires=Thu, 30-Nov-2023 21:06:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 21:06:37 GMT
last-modified: Wed, 30-Nov-2022 21:06:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (416), with no line terminators
Size:   416
Md5:    9a6fcbf1f51b1529e91dfa3d2fc5da1b
Sha1:   38d977a437f1f3e28b6d1456fdf15d79c8ec66c9
Sha256: e19ea3f7dc83e2c8d8489453e130cdd65b8c1b5e3ea18ec7c0a14b648d6d33ba
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 21:06:37 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 04 Dec 2022 17:53:07 GMT
ETag: "2426f1b5b736a494ccd67cd6236bd853426cdaa6"
Last-Modified: Wed, 30 Nov 2022 17:53:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2754
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77268c464a780b55-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    183472307162066cc9c79d667566a282
Sha1:   2426f1b5b736a494ccd67cd6236bd853426cdaa6
Sha256: 762239d5d57f2b8e5badb92d3f5f7ca2eee9fed83298dea55fbdc4af1b7c7bc9
                                        
                                            GET /hit;build2?t25.10;r;s1280*1024*24;uhttp%3A//ganjaplan.7fi.ru/login.php;0.6310387618249891 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         88.212.202.52
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Wed, 30 Nov 2022 21:06:37 GMT
Content-Length: 96
Connection: keep-alive
Expires: Tue, 30 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400


--- Additional Info ---
Magic:  GIF image data, version 87a, 88 x 15\012- data
Size:   96
Md5:    d9665331529ff37edb821d1d5b43c870
Sha1:   940628e9a0d21eb7835e7bedb6990264c6c23153
Sha256: a27ed809ca17e1941af9e439a15e819ac96a1694065651c2aab6a96fec50f3c1
                                        
                                            GET /widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29792991898; utl_dat="CKDP89LMMBAAIKCgvtvMMCigoL7bzDAwALwc/oDfs8/Cw5tp12bzO1c="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Wed, 30 Nov 2022 21:36:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (783)
Size:   42196
Md5:    36e31a5362200127257f343ad21c9f3e
Sha1:   f5b05b2a24ca19d756b4cecf0ec80b304a0c7d2a
Sha256: 2ff107bc4ae47641d278b80ed6fa1a75f0a6f84bcd8f9aa16be825e32aace97a
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FyH845YTEf+aoN4WXkNhAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.210.158.59
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: al+cLOPWtJwhsQZaK3ejM6qiOK4=

                                        
                                            GET /widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29792991898; utl_dat="CKDP89LMMBAAIKCgvtvMMCigoL7bzDAwALwc/oDfs8/Cw5tp12bzO1c="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Wed, 30 Nov 2022 21:36:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (585)
Size:   4396
Md5:    51f01f98377569bbbc324944b01bdbdf
Sha1:   916b5de4cc082a3ff9414c3a88542fc32c2ec89a
Sha256: f5d5637c94689e5b58c9b3b0d9a18acc3a5ed5550f33ec9c86a3d3f25e16e7bb
                                        
                                            GET /widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29792991898; utl_dat="CKDP89LMMBAAIKCgvtvMMCigoL7bzDAwALwc/oDfs8/Cw5tp12bzO1c="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Wed, 30 Nov 2022 21:36:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (511)
Size:   624
Md5:    db0f291b1ee364d9de4ad30906fac72a
Sha1:   46ae53e00d5964e1fbd0d75c0483f4718db48e8e
Sha256: 9b2a1dadf125f7367489db7e4bd8c22b34ec3126220422467b0de51f0274f64d
                                        
                                            GET /widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTQ5NTMxMiUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHAlM0ElMkYlMkZnYW5qYXBsYW4uN2ZpLnJ1JTJGbG9naW4ucGhwJTIyJTdEJTVE&mode=0&callback=callback__utl_cb_share_166984239619230 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Cookie: utl_id2=29792991898; utl_dat="CKDP89LMMBAAIKCgvtvMMCigoL7bzDAwALwc/oDfs8/Cw5tp12bzO1c="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Nov 2022 19:31:36 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (374)
Size:   370
Md5:    3f9cce8cd31b3c82bf71eefc444e56d3
Sha1:   9e04c6406e1e631891589618baa4d33395d937d9
Sha256: c1fee63b3f8294f53f8da01bee61024409b28f98b990109dc44e6c2ca5b388d7
                                        
                                            GET /widgets/v1/imp?pid=1495312&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&vp=45aa827d-589a-4077-bf18-fd406eb2554c&ttl=JUQwJTkyJUQwJUJFJUQwJUI5JUQxJTgyJUQwJUI4&rnd=0.6654339315965921 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Cookie: utl_id2=29792991898; utl_dat="CKDP89LMMBAAIKCgvtvMMCigoL7bzDAwALwc/oDfs8/Cw5tp12bzO1c="
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.163.114.204
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:37 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *

                                        
                                            GET /static/buttons/fonts/icomoon.woff?qq11232333=1232131231321 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:37 GMT
Content-Length: 9144
Connection: keep-alive
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
ETag: "599456f5-23b8"
Expires: Tue, 16 May 2023 07:57:03 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 9144, version 0.0\012- data
Size:   9144
Md5:    2596eafba8821cbd54fb4c4294eea5f2
Sha1:   53046bf3bccd35a24e515fcfbd34b31ec27c841e
Sha256: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
                                        
                                            GET /widgets/v1/extra.js?rnd=0.3034719413842687 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29792991898; utl_dat="CKDP89LMMBAAIKCgvtvMMCigoL7bzDAwALwc/oDfs8/Cw5tp12bzO1c="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Nov 2022 19:31:36 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=29792991898; Expires=Fri, 29 Nov 2024 21:06:37 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure utl_dat="CKDP89LMMBAAIKCgvtvMMCigoL7bzDAwALwc/oDfs8/Cw5tp12bzO1c="; Expires=Fri, 29 Nov 2024 21:06:37 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (695)
Size:   1895
Md5:    72d7a736132c48fe8522fdc8942e7405
Sha1:   901498c42b44b12c64c92f095a2822c5827f9454
Sha256: 9c29f92e8c323368230f0d2b16aa8d03544eb2eca99b8414d05151dec7263092
                                        
                                            GET /metrika/watch.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/

search
                                         87.250.250.119
HTTP/1.1 302 Moved temporarily
                                        
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "44724E8A961508359EC8D465F4C96927C3AF51ED8C4610B844A2A71B8620E54A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17473
Expires: Thu, 01 Dec 2022 01:57:50 GMT
Date: Wed, 30 Nov 2022 21:06:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "076E87DACC7D73E56AFEAA0BB423CC2DED1E84E6F2502E79EFA486E7CDB976BF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7979
Expires: Wed, 30 Nov 2022 23:19:36 GMT
Date: Wed, 30 Nov 2022 21:06:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D2119E901394E5E534E4228FCD1430DD95FFF4AA8B81AE22F027DAD67FE23FB9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8074
Expires: Wed, 30 Nov 2022 23:21:11 GMT
Date: Wed, 30 Nov 2022 21:06:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D01D511BB190405F76F3DD24168355D17C85CBD8AB1D723A9927C8BDC182168D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Wed, 30 Nov 2022 23:54:58 GMT
Date: Wed, 30 Nov 2022 21:06:37 GMT
Connection: keep-alive

                                        
                                            GET /minus/ HTTP/1.1 
Host: supraneet.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         62.109.6.15
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Wed, 30 Nov 2022 21:06:37 GMT
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Wednesday, 30-Nov-2022 21:06:37 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /collect_stat.js HTTP/1.1 
Host: af.click.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         217.197.112.80
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:37 GMT
Content-Length: 913
Last-Modified: Fri, 18 Nov 2022 09:50:15 GMT
Connection: keep-alive
ETag: "63775557-391"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   913
Md5:    9531806d16d72f9659eaab01bd09689b
Sha1:   7640f092c2b928c614bb46251477a3c80b3e820b
Sha256: a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
                                        
                                            GET /alt.js HTTP/1.1 
Host: cntrsync.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.63.102.100
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Wed, 30 Nov 2022 21:06:37 GMT
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Wednesday, 30-Nov-2022 21:06:37 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /metrika/watch.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ganjaplan.7fi.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 57741
date: Wed, 30 Nov 2022 21:06:37 GMT
access-control-allow-origin: *
etag: "63875d46-e18d"
expires: Wed, 30 Nov 2022 22:06:37 GMT
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Size:   57741
Md5:    89185e037b366ee6c6b5d55bd893c11d
Sha1:   6a0e2cd6189b890da76b827beaeeca41097e8cf1
Sha256: 2b46f64d745301de1b0f94206157e0373db1e5db20e7725794fb34adaab08423
                                        
                                            GET /watch/23414332?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A547%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A923%3Acn%3A3%3Adp%3A0%3Als%3A695756441235%3Ahid%3A104030318%3Az%3A0%3Ai%3A20221130210636%3Aet%3A1669842397%3Ac%3A1%3Arn%3A702044071%3Arqn%3A1%3Au%3A1669842395640894071%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A41%2C29%2C78%2C2%2C-5%2C0%2C%2C405%2C7%2C%2C%2C%2C595%3Aeu%3A1%3Ans%3A1669842394695%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669842397%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 302 Found
                                        
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A547%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A923%3Acn%3A3%3Adp%3A0%3Als%3A695756441235%3Ahid%3A104030318%3Az%3A0%3Ai%3A20221130210636%3Aet%3A1669842397%3Ac%3A1%3Arn%3A702044071%3Arqn%3A1%3Au%3A1669842395640894071%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A41%2C29%2C78%2C2%2C-5%2C0%2C%2C405%2C7%2C%2C%2C%2C595%3Aeu%3A1%3Ans%3A1669842394695%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669842397%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 30 Nov 2022 21:06:38 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
set-cookie: yandexuid=5397197621669842398; Expires=Thu, 30-Nov-2023 21:06:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=5397197621669842398; Expires=Thu, 30-Nov-2023 21:06:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=466194551669842398; Path=/; SameSite=None; Secure i=RchVA8+sWyFQoaBzSQ3I9qqXIJ/nN3lEcf4ys4GLPJCaG6LbyvLFnMPUeVSsYTo4pyeguibs4BQTk0dRpe4b/AJABls=; Expires=Sat, 27-Nov-2032 21:06:36 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1701378398.yc.1669842398#1701378398.yrts.1669842398#1701378398.yrtsi.1669842398; Expires=Thu, 30-Nov-2023 21:06:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 21:06:38 GMT
last-modified: Wed, 30-Nov-2022 21:06:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size:   407
Md5:    dbc661593130f200fe6084a607859b0b
Sha1:   f224816843d39a8a0117ca9132bd7423e6de9107
Sha256: 0ccd93f4f6620720c0824db103cb875bdb90eea3083682738e78c600bdaa8b95
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7231
Expires: Wed, 30 Nov 2022 23:07:09 GMT
Date: Wed, 30 Nov 2022 21:06:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12740
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:06:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12740
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 21:06:38 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
age: 82186
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3711
x-amzn-requestid: 502d7eed-f24a-49e8-b14e-759778b717ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbWQSFNnIAMFpxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63879d9b-5eb88e757ff3eeaa26dd7de2;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 18:14:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hrGJk_aF0hgdEXNUAqj74wYkXby2ptGRqWKFi4sxlvs_QN9WhC6vOw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:25:55 GMT
age: 9643
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3711
Md5:    89e1a735e16f55c78fa75ae434294029
Sha1:   6c56f4015305eff04a99cec9758cd40bf4e5f704
Sha256: 26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:55:46 GMT
age: 58252
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 83627
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 83413
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
age: 82672
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
                                            GET /widgets/v1/zp/support.html HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Cookie: utl_id2=29792991898; utl_dat="CKDP89LMMBAAIKCgvtvMMCigoL7bzDAwALwc/oDfs8/Cw5tp12bzO1c="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Wed, 30 Nov 2022 21:36:38 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   3799
Md5:    a4af8c67ad0a2a6f681a742faca4463e
Sha1:   50794dee2e25cb8ec2187256750e00dc3231faa7
Sha256: 10ace92ddcb397879ff3569155caf7c3e28c3b4ee8c35eaddb48af927520ecf5
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 21:06:38 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 04 Dec 2022 20:03:39 GMT
ETag: "17e4bd51f580534ac6acbc5873545081578a452c"
Last-Modified: Wed, 30 Nov 2022 20:03:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 330
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77268c506a57b50f-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    099c7d940b73bf2149f4effc78ca2fd4
Sha1:   17e4bd51f580534ac6acbc5873545081578a452c
Sha256: 245bdf8a161ff5244ee783d5094462fa59d53ef2604b7a3ed3daa17e986b91f6
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 21:06:38 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 04 Dec 2022 20:03:39 GMT
ETag: "17e4bd51f580534ac6acbc5873545081578a452c"
Last-Modified: Wed, 30 Nov 2022 20:03:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 330
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77268c507a66b50f-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    099c7d940b73bf2149f4effc78ca2fd4
Sha1:   17e4bd51f580534ac6acbc5873545081578a452c
Sha256: 245bdf8a161ff5244ee783d5094462fa59d53ef2604b7a3ed3daa17e986b91f6
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 21:06:38 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 04 Dec 2022 19:33:08 GMT
ETag: "1bb02dffb8bbc41b5311dd884623cef5a22e2535"
Last-Modified: Wed, 30 Nov 2022 19:33:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 991
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77268c50eeca0b55-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    688c79257f570c9592156ec07943e8c7
Sha1:   1bb02dffb8bbc41b5311dd884623cef5a22e2535
Sha256: 577deda0527d8bf7279aa5195e0acfcdd9915d6139d7ef5ab6b153a7b5bac71f
                                        
                                            GET /share.php?act=count&format=json&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1669842397333221 HTTP/1.1 
Host: vk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         87.240.132.78
HTTP/2 200 OK
content-type: text/html; charset=windows-1251
                                        
server: kittenx
date: Wed, 30 Nov 2022 21:06:38 GMT
content-length: 41
x-powered-by: KPHP/7.4.112783
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly remixlang=3; expires=Sat, 25 Nov 2023 17:24:46 GMT; path=/; domain=.vk.com remixstlid=9104394512904053571_yX7cE29k8kOb1nEA4IRtpssWcGeUTH2uJr1pfQMxucH; expires=Thu, 30 Nov 2023 21:06:38 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front225207
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   41
Md5:    6de86497641c67868bfddcbf5a8bf434
Sha1:   6065bb53c9addbda818a6b172597326ebc31e8dc
Sha256: 51d446e1b704e289975e53c6945dee986d432bb439d02a2afcee7ce1b5bddcf8
                                        
                                            GET /v1/urls/count.json?&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1669842397333656 HTTP/1.1 
Host: api.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         2.18.172.195
HTTP/2 200 OK
content-type: application/javascript
                                        
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 94
expires: Wed, 30 Nov 2022 21:21:38 GMT
x-envoy-upstream-service-time: 4
cache-control: no-cache, no-store, must-revalidate
x-pinterest-rid: 1046876148395072
date: Wed, 30 Nov 2022 21:06:38 GMT
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
akamai-grn: 0.540a655f.1669842398.23442828
x-cdn: akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   94
Md5:    f32e1ba39b47e888a6403eca24d175d1
Sha1:   894c38e22b2d77c227077630cb9df0ede592d4d8
Sha256: dbd6550cf061b70d692214c58bba13e986acbc4744b494deeb0e37ed9301bba8
                                        
                                            GET /v1/urls/count.json?&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dps&callback=callback__utl_cb_share_1669842397334471 HTTP/1.1 
Host: api.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         2.18.172.195
HTTP/2 200 OK
content-type: application/javascript
                                        
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 104
expires: Wed, 30 Nov 2022 21:21:38 GMT
x-envoy-upstream-service-time: 6
cache-control: no-cache, no-store, must-revalidate
x-pinterest-rid: 2050277815871199
date: Wed, 30 Nov 2022 21:06:38 GMT
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
akamai-grn: 0.540a655f.1669842398.2344282a
x-cdn: akamai
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   104
Md5:    2a5a18b0b8a687a8fd632d8e099c7be9
Sha1:   93892d1710d18b8badeb5aa6d693f03823671feb
Sha256: 4695be9887a66da925f5c4470266195f146196b5908aae1150253b93a3c97a5f
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 21:06:38 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 04 Dec 2022 19:13:23 GMT
ETag: "64ce3360389d07d5deed12764c0ee4c42f073ec8"
Last-Modified: Wed, 30 Nov 2022 19:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3368
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77268c514f381c0e-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    1bb07c76d6cd8295950302c6e692af95
Sha1:   64ce3360389d07d5deed12764c0ee4c42f073ec8
Sha256: 2f9ffa2baec56af9fc72a0e4151d7586c21387faeee42137b453c8dc4e8b8a68
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 21:06:38 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 04 Dec 2022 19:13:23 GMT
ETag: "64ce3360389d07d5deed12764c0ee4c42f073ec8"
Last-Modified: Wed, 30 Nov 2022 19:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3368
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77268c514b93b50f-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    1bb07c76d6cd8295950302c6e692af95
Sha1:   64ce3360389d07d5deed12764c0ee4c42f073ec8
Sha256: 2f9ffa2baec56af9fc72a0e4151d7586c21387faeee42137b453c8dc4e8b8a68
                                        
                                            GET /share.php?act=count&format=json&url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1669842397332269 HTTP/1.1 
Host: vk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         87.240.132.78
HTTP/2 200 OK
content-type: text/html; charset=windows-1251
                                        
server: kittenx
date: Wed, 30 Nov 2022 21:06:38 GMT
content-length: 41
x-powered-by: KPHP/7.4.112783
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly remixlang=3; expires=Sun, 26 Nov 2023 17:58:11 GMT; path=/; domain=.vk.com remixstlid=9116216461925925186_InKDZKEtz4teNBwKmOgOdgLOflmsRwu6j3I3p9SvLzP; expires=Thu, 30 Nov 2023 21:06:38 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front225207
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   41
Md5:    6de86497641c67868bfddcbf5a8bf434
Sha1:   6065bb53c9addbda818a6b172597326ebc31e8dc
Sha256: 51d446e1b704e289975e53c6945dee986d432bb439d02a2afcee7ce1b5bddcf8
                                        
                                            GET /share_count?func=mrc__shareInit240&url_list=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1669842397334872 HTTP/1.1 
Host: connect.mail.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         94.100.180.54
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:38 GMT
Content-Length: 91
Connection: keep-alive
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private


--- Additional Info ---
Magic:  ASCII text
Size:   91
Md5:    cb552efbc7c55fbc57022d6c949de123
Sha1:   5e61c212e18424214337bec42b8a5115d0df01a8
Sha256: af54021b14f52c9f27c54c44235d4c6e6864782e2d8198db67da5a9b89094e19
                                        
                                            GET /share_count?func=mrc__shareInit891&url_list=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1669842397334323 HTTP/1.1 
Host: connect.mail.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         94.100.180.54
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 21:06:38 GMT
Content-Length: 101
Connection: keep-alive
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private


--- Additional Info ---
Magic:  ASCII text
Size:   101
Md5:    f695040dc7a3c10ca968cca3ae346fda
Sha1:   41ddf3936d88a1da630b5a9b894e30a22a847d50
Sha256: 7599acaca75fd9c7ac6bcab13c5aafc59162f56eb722fdb0f97774c249499482
                                        
                                            POST /webvisor/59396?wv-check=63796&wv-type=0&wmode=0&wv-part=1&wv-hit=104030318&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&rn=839211150&browser-info=gdpr%3A14%3Aet%3A1669842404%3Aw%3A1280x939%3Av%3A923%3Az%3A0%3Ai%3A20221130210643%3Au%3A1669842395640894071%3Avf%3A12kpamsypdk9qpokppnvg4%3Ast%3A1669842404&t=gdpr(14)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 516
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Wed, 30 Nov 2022 21:06:45 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 21:06:45 GMT
last-modified: Wed, 30-Nov-2022 21:06:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /webvisor/59396?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=104030318&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&rn=585022687&browser-info=gdpr%3A14%3Aet%3A1669842404%3Aw%3A1280x939%3Av%3A923%3Az%3A0%3Ai%3A20221130210643%3Au%3A1669842395640894071%3Avf%3A12kpamsypdk9qpokppnvg4%3Ast%3A1669842404&t=gdpr(14)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Wed, 30 Nov 2022 21:06:45 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 21:06:45 GMT
last-modified: Wed, 30-Nov-2022 21:06:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php%3F_utl_t%3Dok&callback=callback__utl_cb_share_1669842397332300 HTTP/1.1 
Host: connect.ok.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         217.20.152.207
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
                                        
server: apache
date: Wed, 30 Nov 2022 21:06:38 GMT
vary: Accept-Encoding
set-cookie: bci=-14915384309230431; Domain=.ok.ru; Expires=Tue, 19-Dec-2090 00:20:45 GMT; Path=/; Secure; HttpOnly _statid=3216dd7b-45b0-4e6c-9755-09ba9a9ece3b; Domain=.ok.ru; Expires=Tue, 19-Dec-2090 00:20:45 GMT; Path=/; Secure; HttpOnly landref=w.uptolike.com; Domain=.ok.ru; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-origin: *
access-control-allow-credentials: true
rendered-blocks: WidgetExtLike
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&callback=callback__utl_cb_share_1669842397331777 HTTP/1.1 
Host: connect.ok.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         217.20.152.207
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
                                        
server: apache
date: Wed, 30 Nov 2022 21:06:38 GMT
vary: Accept-Encoding
set-cookie: bci=-7261521905653597667; Domain=.ok.ru; Expires=Tue, 19-Dec-2090 00:20:45 GMT; Path=/; Secure; HttpOnly _statid=23050033-7bf6-4d68-8c00-6d541e79d4b9; Domain=.ok.ru; Expires=Tue, 19-Dec-2090 00:20:45 GMT; Path=/; Secure; HttpOnly landref=w.uptolike.com; Domain=.ok.ru; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-origin: *
access-control-allow-credentials: true
rendered-blocks: WidgetExtLike
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /watch/59396?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A547%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1646660671426%3Ahid%3A104030318%3Az%3A0%3Ai%3A20221130210635%3Aet%3A1669842395%3Ac%3A1%3Arn%3A614811662%3Arqn%3A1%3Au%3A1669842395640894071%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A41%2C29%2C78%2C2%2C-5%2C0%2C%2C405%2C7%2C%2C%2C%2C595%3Ans%3A1669842394695%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669842396%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ganjaplan.7fi.ru
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 302 Found
                                        
location: /watch/59396/1?wmode=7&page-url=http%3A%2F%2Fganjaplan.7fi.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A547%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1646660671426%3Ahid%3A104030318%3Az%3A0%3Ai%3A20221130210635%3Aet%3A1669842395%3Ac%3A1%3Arn%3A614811662%3Arqn%3A1%3Au%3A1669842395640894071%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A41%2C29%2C78%2C2%2C-5%2C0%2C%2C405%2C7%2C%2C%2C%2C595%3Ans%3A1669842394695%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669842396%3At%3A%D0%92%D0%BE%D0%B9%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 30 Nov 2022 21:06:36 GMT
access-control-allow-origin: http://ganjaplan.7fi.ru
set-cookie: yandexuid=8120199311669842396; Expires=Thu, 30-Nov-2023 21:06:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=8120199311669842396; Expires=Thu, 30-Nov-2023 21:06:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=1928401311669842396; Path=/; SameSite=None; Secure i=kENFcftEoEFJPsPXYxBI7nLDT4LpqYjgq1Mlj0flUdeEtVOU5ul5VNYaaUPfTRw8K4HRWZUH7o/L+6PNjLs9s4bSFAE=; Expires=Sat, 27-Nov-2032 21:06:35 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1701378396.yc.1669842396#1701378396.yrts.1669842396#1701378396.yrtsi.1669842396; Expires=Thu, 30-Nov-2023 21:06:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 21:06:36 GMT
last-modified: Wed, 30-Nov-2022 21:06:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c83ul/smart.js HTTP/1.1 
Host: cdn.smntq.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ganjaplan.7fi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.217.109.66
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
server: nginx/1.20.1
date: Wed, 30 Nov 2022 21:06:37 GMT
set-cookie: smart=b4123b29547d41bbab3197966a0bf8ea; expires=Mon, 03-Jan-2028 21:06:37 GMT; Max-Age=160704000; path=/; SameSite=None; Secure; domain=cdn.smntq.com
mode: no-cors
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---