edemedem.me/offer?id=6823615
301 Moved Permanently 162 B URL HTTP/1.1 edemedem.me/offer?id=6823615
IP
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /offer?id=6823615 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=ogh3LsRY8Ett5uh1wRio; Domain=.edemedem.me; HttpOnly; Path=/; Expires=Tue, 09-Jan-2024 12:43:18 GMT
Date: Mon, 09 Jan 2023 12:43:18 GMT
Content-Type: text/html
Content-Length: 162
Location: https://edemedem.me/offer?id=6823615
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21210
Expires: Mon, 09 Jan 2023 18:36:48 GMT
Date: Mon, 09 Jan 2023 12:43:18 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4764
Expires: Mon, 09 Jan 2023 14:02:42 GMT
Date: Mon, 09 Jan 2023 12:43:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 11:48:23 GMT
content-type: application/json
age: 3295
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3154
Expires: Mon, 09 Jan 2023 13:35:52 GMT
Date: Mon, 09 Jan 2023 12:43:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ol2gWgPPYVNICXG5X+yDpkVfuAnqIU9/zN6D9pAaK4AuA8KD3FfEnSxBAYpvXS/NcMZWw2Eba0w=
x-amz-request-id: 9YKN3TWSGWC8Z6PA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 12:01:14 GMT
age: 2524
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3a10958895728eb26e703e19c1b37a20
a797f1c831488e2b5bb37973488f0d8689ef09c2
6ebbc3c13f707ea363c576f8f804ac6b0452501dad7e36995705ad2198de561e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6EBBC3C13F707EA363C576F8F804AC6B0452501DAD7E36995705AD2198DE561E"
Last-Modified: Sat, 07 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Mon, 09 Jan 2023 18:42:48 GMT
Date: Mon, 09 Jan 2023 12:43:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 12:17:22 GMT
age: 1557
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e8e0c910ffff02061a1806b1aa8cf9d2
c5bf0e7ad96e89b17a657fcb1e1cd1aa6d15ab89
896f08fa0030a1313df1f05ef47c5d1f11caa9094380fc026b95193164005448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1144
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:19 GMT
Etag: "63bbd928-1d7"
Last-Modified: Mon, 09 Jan 2023 12:24:15 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js
200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js
IP
File type ASCII text, with very long lines (551)
Hash 5f345b49c5cccdac9d92d226c63c0848
51daf502544cba68c3b260b80782818edc3509b7
d783ef3c478b98da6c706b71289143dbe1546b59ab498eafc8011c535312c92f
GET /ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 2995
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-1f33"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6367744
expires: Sat, 30 Dec 2023 12:43:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DTqe9xL6q9nfx8%2FmEMXQwlZAbagFFwvo%2BJLZ6yvPiAXeZg1PtLmgy5L99LigMA%2F8Cm65vGmqZ6ZxANu6lrpoLIX5wlnHe2bUxSTX2qUHwPcJZiCGVOwUPl7vGUQ%2BKZ49i4SoFzS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786d4207bf20b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
edemedem.me/assets/4.1/vendors.css?v=1673226929
200 OK 4.0 kB URL HTTP/2 edemedem.me/assets/4.1/vendors.css?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (55581)
Hash 095e4bc29722b168a660a2179557d5de
0b4fc2ff85f24850f97701bdcd79f725c48f4698
4e7114719bc79ef63e07ca79eaaed202e5814e44f376ae3c6e1309cc38adf871
GET /assets/4.1/vendors.css?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: text/css
content-length: 3997
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-f9d"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:19 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash ec8f7cfd9d8fc0c177d5de3a7251382c
e341bd1a81ad6362c5c437c235bcabb59e9a5e41
8f0807b0e8b3c20523985142a0e8e173c2cfa5a3f34341babf5a20055f339719
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 12:43:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 13 Jan 2023 10:58:24 GMT
ETag: "e341bd1a81ad6362c5c437c235bcabb59e9a5e41"
Last-Modified: Mon, 09 Jan 2023 10:58:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2771
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786d42083815b4ed-OSL
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 4299dc6c84202fe28d97b525d70abf05
2eb95191b9ba71a83ec8fc9cef735abf50a5016d
e5b986af24a24191fc138b849c41ba3284e4c82c5c712efcc81d269d2ecb6a62
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E5B986AF24A24191FC138B849C41BA3284E4C82C5C712EFCC81D269D2ECB6A62"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17715
Expires: Mon, 09 Jan 2023 17:38:34 GMT
Date: Mon, 09 Jan 2023 12:43:19 GMT
Connection: keep-alive
edemedem.me/assets/4.1/vendors.js?v=1673226929
200 OK 2.6 kB URL HTTP/2 edemedem.me/assets/4.1/vendors.js?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (8065), with no line terminators
Hash 11ae26ccdacfbc8c867f89ce2867296b
2731e827e70b6ddbc2cc5fec5de8c7b57ec4b1a4
8c12a1e5765c227adf44658851cb53efd26f2d64fe00e0f1be52216878fe1e92
GET /assets/4.1/vendors.js?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 2630
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-a46"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:19 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
edemedem.me/assets/4.1/nodes.js?v=1673226929
200 OK 10 kB URL HTTP/2 edemedem.me/assets/4.1/nodes.js?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (44354), with no line terminators
Hash af0661df41f46b82677293c0d1264235
5f9d5a327e3c81b2439d0787e29dc3b096fe82d0
73cd46b981c12d770f4dbe72be84f0fe2c851fd6f4f5eefd3fc419851ef3fcd3
GET /assets/4.1/nodes.js?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 10347
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-286b"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:19 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
edemedem.me/assets/4.1/nodes.css?v=1673226929
200 OK 7.4 kB URL HTTP/2 edemedem.me/assets/4.1/nodes.css?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (45171), with no line terminators
Hash 61b0af0ce0ce53e42690ecf4c1815e64
7ada5c32d04ad9f7794095530c9db7c8d82b29f3
fae5612b2d7316cce6be803a9ae4734c3092872ada977deaf1e66fabac488cc4
GET /assets/4.1/nodes.css?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: text/css
content-length: 7408
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-1cf0"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:19 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
edemedem.me/assets/4.1/default.css?v=1673226929
200 OK 23 kB URL HTTP/2 edemedem.me/assets/4.1/default.css?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 07b64f8f7dac2fcd97f5f882b8db31f8
31e3bf6c5fe256c3c13bec2585996b0f27c2032c
0cd03e918d4ccfe7a7f0476fa0b642f3674cfed8e89ef93cc37f5528d5a071e2
GET /assets/4.1/default.css?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: text/css
content-length: 23230
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-5abe"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:19 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
cdn.callibri.ru/callibri.js
200 OK 62 kB URL HTTP/2 cdn.callibri.ru/callibri.js
IP
ASN #49505 OOO Network of data-centers Selectel
File type C source, Unicode text, UTF-8 text, with very long lines (31997)
Hash ced91371fb9697e40128a12c0f7969d9
980adafa31f3f105ded9db121886b1d0f54ef7bd
307a6cc9c5be4edc76a800e5306e60ab0f891c809b1cf3eb0fb53c92e2b21185
GET /callibri.js HTTP/1.1
Host: cdn.callibri.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Backend-Timestamp, Etag, Last-Modified, X-Object-Manifest, X-Timestamp
cache-control: max-age=7200
content-length: 62018
content-type: text/javascript; charset=utf-8
last-modified: Tue, 27 Dec 2022 09:40:59 GMT
x-container-storage-policy-index: 0
x-container-storage-policy-name: Policy-0
x-timestamp: 1672134058.75758
x-trans-id: 17349d112cfa7346
date: Mon, 09 Jan 2023 11:47:06 GMT
age: 3373
X-Firefox-Spdy: h2
edemedem.me/assets/4.1/default.js?v=1673226929
200 OK 31 kB URL HTTP/2 edemedem.me/assets/4.1/default.js?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (60774), with no line terminators
Hash 0189c79bc8d16a4d8e03fa7fb4e9af0f
bdc4e4949ba0b42472d154eccd9ab7329a647971
6dca54fb5fd51646a45594cd6bfbe45f5980bc35dbacbd7117d4c15fb1122904
GET /assets/4.1/default.js?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 31208
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-79e8"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:19 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
edemedem.me/assets/4.1/vendors-sync.js?v=1673226929
200 OK 41 kB URL HTTP/2 edemedem.me/assets/4.1/vendors-sync.js?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 7fb5a5d5d70147866e81a6e061e41d33
b20f2b036a781bd33e876911c7a96c3b5f25a946
2ceebd959ad706fc66ea886c92ce354cf9a36ba87133ba2f1daa8dd7b89ee19c
GET /assets/4.1/vendors-sync.js?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 41190
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-a0e6"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:19 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 4299dc6c84202fe28d97b525d70abf05
2eb95191b9ba71a83ec8fc9cef735abf50a5016d
e5b986af24a24191fc138b849c41ba3284e4c82c5c712efcc81d269d2ecb6a62
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E5B986AF24A24191FC138B849C41BA3284E4C82C5C712EFCC81D269D2ECB6A62"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17715
Expires: Mon, 09 Jan 2023 17:38:34 GMT
Date: Mon, 09 Jan 2023 12:43:19 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AvA54n9VPNidClABlHM7lQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mwrXhniqWknCiqrEzX0xxnGL9yM=
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 7cf76749d90dec818bedce0c2249663a
1f426a3ea2dac9d3a361dd4e3e884b8cffa366bc
90c70c476885c636a71e6cb185b2a99ff8c9d1cc02481f0c16d5d04dca089a37
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 09 Jan 2023 12:43:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 08 Jan 2023 21:04:21 GMT
Expires: Mon, 09 Jan 2023 21:04:21 GMT
ETag: "1f426a3ea2dac9d3a361dd4e3e884b8cffa366bc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
code-ya.jivosite.com/widget/2pJBk4eW8A
200 OK 5.9 kB URL HTTP/2 code-ya.jivosite.com/widget/2pJBk4eW8A
IP
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (17132), with no line terminators
Hash 4ed53ed60dda87c7abf086e975902e89
deb873d181986c70c9a14847d95e6e138b2961e7
ce6183de5dc076e11536a3416e73bcd953c4d3978a76279a83bb37206f032e32
GET /widget/2pJBk4eW8A HTTP/1.1
Host: code-ya.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: application/javascript
content-length: 5938
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: br
etag: "63a04995-1732"
expires: Sun, 25 Dec 2022 15:51:09 GMT
last-modified: Mon, 19 Dec 2022 11:23:01 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2023-01-09T12:37:51+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 40da3a5ebd0cedacc58d8b93440dd605
6104faf4f7b8ebce8ab3c79cc5727561a99ccc20
4e9f4db7bcc8f7a6511149a5268eee832a636e1d5084abe12667d3657f6670a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9F4DB7BCC8F7A6511149A5268EEE832A636E1D5084ABE12667D3657F6670A5"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9057
Expires: Mon, 09 Jan 2023 15:14:16 GMT
Date: Mon, 09 Jan 2023 12:43:19 GMT
Connection: keep-alive
i.1.creatium.io/disk/static/support-scripts/integration/integration.js?data=2023-0-9
302 Moved Temporarily 145 B URL HTTP/1.1 i.1.creatium.io/disk/static/support-scripts/integration/integration.js?data=2023-0-9
IP
ASN #49505 OOO Network of data-centers Selectel
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bfe2c1d1b36c62666ce9ba537d324bd4
4d52a7c6d2909a506a4e81559eb24e8af077c741
5216ad883da8fe250db6892c9abca11bae07572d49a4c48a3c42276ffe6a9fb8
GET /disk/static/support-scripts/integration/integration.js?data=2023-0-9 HTTP/1.1
Host: i.1.creatium.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0
Date: Mon, 09 Jan 2023 12:43:20 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: https://files2.creatium.io/support-scripts/integration/integration.js?data=2023-0-9
Expires: Tue, 10 Jan 2023 12:43:20 GMT
Cache-Control: max-age=86400, public
Access-Control-Allow-Origin: *
edemedem.me/assets/4.1/hovercss-async.css?v=1673226929
200 OK 7.9 kB URL HTTP/2 edemedem.me/assets/4.1/hovercss-async.css?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (65203)
Hash c2bfbd39710a878126a1feed36b9c937
0b90907bca2babe2829c605a8551743ad74b8b3b
9dadc967c7a71edb02f420b0d7c1cb1bb73f0ed48d0564d883d5c89909e8a4f0
GET /assets/4.1/hovercss-async.css?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i; creatium-stat-cookie-hash=c95963a8f324891e451f28ef9fa494a4; visit_id=359147807; callibri_get_request=1673268186904; v1_referrer_callibri=; v1_data=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:20 GMT
content-type: text/css
content-length: 7945
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-1f09"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:20 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edemedem.me/assets/4.1/vendors-async.css?v=1673226929
200 OK 16 kB URL HTTP/2 edemedem.me/assets/4.1/vendors-async.css?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (50971)
Hash 10863c1047aab936afa0588102b95d6f
49fb3b8ef2fbefa6ec13f3af33a65794158a96f1
c1be1425ccfce8137ceb6370abe33bb7a961be534722f9d741254f175a24d9c9
GET /assets/4.1/vendors-async.css?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i; creatium-stat-cookie-hash=c95963a8f324891e451f28ef9fa494a4; visit_id=359147807; callibri_get_request=1673268186904; v1_referrer_callibri=; v1_data=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:20 GMT
content-type: text/css
content-length: 15709
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-3d5d"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:20 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
i.1.creatium.io/49/68/0f/b3e6678b44bc0564277d815bdb0578cf2e/205x50/edem_new_logo_color.svg
200 OK 8.1 kB URL HTTP/1.1 i.1.creatium.io/49/68/0f/b3e6678b44bc0564277d815bdb0578cf2e/205x50/edem_new_logo_color.svg
IP
ASN #49505 OOO Network of data-centers Selectel
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (8136), with no line terminators
Hash 57f21a8a31c9e61a650bb35ca5402cd8
39a5897bf893f8cc205c183efa37f6fd91865f49
b16f2f98fb6b593ec7d3da031dbb9aff2d606ec7e1cfb2c6f9f1eaaca3a156a6
GET /49/68/0f/b3e6678b44bc0564277d815bdb0578cf2e/205x50/edem_new_logo_color.svg HTTP/1.1
Host: i.1.creatium.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 09 Jan 2023 12:43:20 GMT
Content-Type: image/svg+xml
Content-Length: 8136
Last-Modified: Thu, 11 Nov 2021 17:39:00 GMT
Connection: keep-alive
ETag: "618d5534-1fc8"
Expires: Tue, 10 Jan 2023 12:43:20 GMT
Cache-Control: max-age=86400, public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
edemedem.me/assets/4.1/vendors-async.js?v=1673226929
200 OK 36 kB URL HTTP/2 edemedem.me/assets/4.1/vendors-async.js?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 69eff60b50469fad7ed2770e1942dab5
443bee36984da10251ee6a07da0fa27279523abe
5c7653052f80389bfac044bce48eda34a46e8bbd9af57feb730bef9ffb8983b5
GET /assets/4.1/vendors-async.js?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i; creatium-stat-cookie-hash=c95963a8f324891e451f28ef9fa494a4; visit_id=359147807; callibri_get_request=1673268186904; v1_referrer_callibri=; v1_data=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 36546
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-8ec2"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:20 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
edemedem.me/assets/4.1/swiper-async.js?v=1673226929
200 OK 29 kB URL HTTP/2 edemedem.me/assets/4.1/swiper-async.js?v=1673226929
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6b0c1182c66225b413e5c48733af572c
4c61a2edfc1ce3d415e1588d00e7ce8aa550c3f3
043a4347e419164ef6adc3d101df066b32af690ce7891a27b785c434fdcf52a6
GET /assets/4.1/swiper-async.js?v=1673226929 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i; creatium-stat-cookie-hash=c95963a8f324891e451f28ef9fa494a4; visit_id=359147807; callibri_get_request=1673268186904; v1_referrer_callibri=; v1_data=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 28651
last-modified: Mon, 09 Jan 2023 01:15:29 GMT
vary: Accept-Encoding
etag: "63bb6ab1-6feb"
content-encoding: gzip
expires: Mon, 09 Jan 2023 12:44:20 GMT
cache-control: max-age=60
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3g3D_vx3rCubqg.woff2
200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3g3D_vx3rCubqg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8004, version 1.0\012- data
Hash b8a796908ac4cccc12523d6a6c8e9b42
7e70fcb471e56b2a19f2252930953b3e60fe1a9f
1b257dc12266c8455c5187bc9234d5ea37d0ef84f6d7027434e48f39108139cf
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3g3D_vx3rCubqg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 17:02:41 GMT
expires: Thu, 04 Jan 2024 17:02:41 GMT
cache-control: public, max-age=31536000
age: 416439
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gfD_vx3rCubqg.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gfD_vx3rCubqg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11736, version 1.0\012- data
Hash 9a5872f0356b0fe414c1aee4ac32b393
f4a076075c604952e7a6603fe4fd1edd33f1d333
2c337a293de1c948d3e9438ff2563a274a33383829ef9fa736eae43a4fb539f9
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gfD_vx3rCubqg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 10:06:11 GMT
expires: Tue, 09 Jan 2024 10:06:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Jul 2019 03:46:56 GMT
content-type: font/woff2
age: 9429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13640, version 1.0\012- data
Hash 61c83fdcf7cde818937ce93807434fb8
f79bed3a76e827af4c49d967af1ed795a4179738
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 05:36:23 GMT
expires: Thu, 04 Jan 2024 05:36:23 GMT
cache-control: public, max-age=31536000
age: 457617
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13612, version 1.0\012- data
Hash 26c24b09efea1d8410ced381380f026d
aadbddac4c13b6104b7c1e8734388b8236d21986
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13612
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 08:34:24 GMT
expires: Fri, 05 Jan 2024 08:34:24 GMT
cache-control: public, max-age=31536000
age: 360536
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3g3D_vx3rCubqg.woff2
200 OK 8.1 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3g3D_vx3rCubqg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8128, version 1.0\012- data
Hash c37c1ab8827db84ed491b6a810f3273d
dfe9cebdfc9d6b118b6b27a8d9e9cbdad0fe84d0
6b03d62eccc416b366a463139ef18ea6060992ebb0bcbfbbb3d004ec6a349c0c
GET /s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3g3D_vx3rCubqg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 22:04:17 GMT
expires: Tue, 02 Jan 2024 22:04:17 GMT
cache-control: public, max-age=31536000
age: 571143
last-modified: Tue, 23 Jul 2019 03:46:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code-ya.jivosite.com/script/widget/config/2pJBk4eW8A
200 OK 2.6 kB URL HTTP/2 code-ya.jivosite.com/script/widget/config/2pJBk4eW8A
IP
ASN #199524 G-Core Labs S.A.
Hash 87d305fc90e775f06d61f3230868bfaf
d0ede17e94f3be156513a68db22af124a1e489f8
258ed77e690dbbc7a39ec73b87cbba824fd98c65bf28e82fe350ee09e4653770
GET /script/widget/config/2pJBk4eW8A HTTP/1.1
Host: code-ya.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:43:20 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: gzip
expires: Mon, 09 Jan 2023 14:37:52 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2023-01-09T12:37:52+00:00
x-id: fr5-up-gc15
X-Firefox-Spdy: h2
module.callibri.ru/module/number
200 OK 0 B URL HTTP/1.1 module.callibri.ru/module/number
IP
ASN #44128 Internet-Pro LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /module/number HTTP/1.1
Host: module.callibri.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://edemedem.me/
Origin: https://edemedem.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.1
Date: Mon, 09 Jan 2023 12:43:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, OPTIONS, GET
Access-Control-Allow-Headers: Content-Type, Accept
Access-Control-Request-Method: *
i.1.creatium.io/f3/d6/ea/35ecf4c3c604abc9c0a666f60fdef78e24/100x121q8/photo_2022_10_19_15_49_42.jpg
200 OK 4.0 kB URL HTTP/1.1 i.1.creatium.io/f3/d6/ea/35ecf4c3c604abc9c0a666f60fdef78e24/100x121q8/photo_2022_10_19_15_49_42.jpg
IP
ASN #49505 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 100x121, components 3\012- data
Hash b3ecbc1976b8946e6a6956e4d8ace21f
60ffaf9fc555d687b61ff89579bd21be6e6d6418
2d4b7dfb9ed7f6773444da476d8b1fb08280cbfed1a3ca092f31ec009e9a754b
GET /f3/d6/ea/35ecf4c3c604abc9c0a666f60fdef78e24/100x121q8/photo_2022_10_19_15_49_42.jpg HTTP/1.1
Host: i.1.creatium.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 09 Jan 2023 12:43:20 GMT
Content-Type: image/jpeg
Content-Length: 3952
Connection: keep-alive
Expires: Tue, 10 Jan 2023 12:43:20 GMT
Cache-control: max-age=86400, public
Access-Control-Allow-Origin: *
files2.creatium.io/support-scripts/integration/integration.js?data=2023-0-9
200 OK 57 kB URL HTTP/1.1 files2.creatium.io/support-scripts/integration/integration.js?data=2023-0-9
IP
ASN #49505 OOO Network of data-centers Selectel
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash cdab9f7e30c884dde1a5acf4594dedb8
b8bd40e0fc92e0527f58ea7106fc8dd0acb05166
42b14f7e6f5e0e952fda56d1d85011b56c94f90efe5d7dc5dfc99b19fff3faae
GET /support-scripts/integration/integration.js?data=2023-0-9 HTTP/1.1
Host: files2.creatium.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://edemedem.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 09 Jan 2023 12:43:20 GMT
Content-Type: application/javascript
Content-Length: 57444
Last-Modified: Fri, 19 Jun 2020 08:03:26 GMT
Connection: keep-alive
ETag: "5eec714e-e064"
Expires: Tue, 10 Jan 2023 12:43:20 GMT
Cache-Control: max-age=86400, public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
module.callibri.ru/module/number
200 OK 241 B URL HTTP/1.1 module.callibri.ru/module/number
IP
ASN #44128 Internet-Pro LLC
File type JSON data\012- , ASCII text, with very long lines (383), with no line terminators
Hash 93be8ddb7c5c6792664aa98262fda6ca
28c145ce33c4b2779686bca74df93b561a6727c4
36a2fea71a61a91bb923176548f0d9fc76d08793779ed2330f8b5ae47a03258e
POST /module/number HTTP/1.1
Host: module.callibri.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 215
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.1
Date: Mon, 09 Jan 2023 12:43:20 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Status: 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger 6.0.7
Content-Encoding: gzip
i.1.creatium.io/3a/7b/3b/aa8a07a7893b8e6f1a05544046c1c3602d/180x180/favicon.png
200 OK 8.4 kB URL HTTP/1.1 i.1.creatium.io/3a/7b/3b/aa8a07a7893b8e6f1a05544046c1c3602d/180x180/favicon.png
IP
ASN #49505 OOO Network of data-centers Selectel
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash d4e79cceea01a6f0bcee17c889ecd83d
70e33c857d10cd9da1f534e80845ca0bfc41c307
142a5a5b320d9dd92bde41d72ebdecf4b6f51c106c1053fbc168ae0061bd3c0a
GET /3a/7b/3b/aa8a07a7893b8e6f1a05544046c1c3602d/180x180/favicon.png HTTP/1.1
Host: i.1.creatium.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 09 Jan 2023 12:43:20 GMT
Content-Type: image/png
Content-Length: 8386
Last-Modified: Tue, 27 Dec 2022 23:57:58 GMT
Connection: keep-alive
ETag: "63ab8686-20c2"
Expires: Tue, 10 Jan 2023 12:43:20 GMT
Cache-Control: max-age=86400, public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
i.1.creatium.io/3a/7b/3b/aa8a07a7893b8e6f1a05544046c1c3602d/196x196/favicon.png
200 OK 4.9 kB URL HTTP/1.1 i.1.creatium.io/3a/7b/3b/aa8a07a7893b8e6f1a05544046c1c3602d/196x196/favicon.png
IP
ASN #49505 OOO Network of data-centers Selectel
File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c71aaebb9c7011319091e0dbff28e23
2fb944d1c321e034b95ec243ff6a4a36d1e47a5b
1cf0367e05b8985093ef8add47872f4c342f56dab8c9958f9117a00184f25038
GET /3a/7b/3b/aa8a07a7893b8e6f1a05544046c1c3602d/196x196/favicon.png HTTP/1.1
Host: i.1.creatium.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 09 Jan 2023 12:43:20 GMT
Content-Type: image/png
Content-Length: 4937
Last-Modified: Sat, 03 Dec 2022 01:56:40 GMT
Connection: keep-alive
ETag: "638aacd8-1349"
Expires: Tue, 10 Jan 2023 12:43:20 GMT
Cache-Control: max-age=86400, public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5903
Cache-Control: max-age=111358
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Etag: "63bb04d7-1d7"
Expires: Tue, 10 Jan 2023 19:39:18 GMT
Last-Modified: Sun, 08 Jan 2023 18:00:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 09 Jan 2023 12:41:08 GMT
expires: Mon, 09 Jan 2023 14:41:08 GMT
cache-control: public, max-age=7200
age: 132
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 4aa5723e20bb937995d58baee63ccef3
4f4451ce70e0f1174447f509b9ecfae0030d69b8
a442ce52f0330fe4e1d6e25a76d9cf569cf7e649416caf201d0570a1cadf7de8
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: gDiYAFN+zYXrXuGlAknYFya8NMbxItoxJORV5eu87gxxRFmnjXEaToVdMH9QOOGR8qYVMlEn/HmLXNvr+XGhzQ==
priority: u=3,i
content-length: 27613
x-fb-trip-id: 1904183273
date: Mon, 09 Jan 2023 12:43:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5903
Cache-Control: max-age=111358
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Etag: "63bb04d7-1d7"
Expires: Tue, 10 Jan 2023 19:39:18 GMT
Last-Modified: Sun, 08 Jan 2023 18:00:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash ca8ac4f59ce06731dcaf5e88e81df163
d4585f58e10d60f8cedf5190f87ea1316f880e85
aeeb8a76426e0e77bcf017bbfcaf4bed9df3eb3cf6f8a4bbfbecd49f9eafdc1b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 12:43:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 13 Jan 2023 10:58:55 GMT
ETag: "d4585f58e10d60f8cedf5190f87ea1316f880e85"
Last-Modified: Mon, 09 Jan 2023 10:58:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3079
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786d420c3eacb4ed-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vk.com/js/api/openapi.js?162
200 OK 24 kB URL HTTP/2 vk.com/js/api/openapi.js?162
IP
File type JSON data\012- , ASCII text, with very long lines (462), with no line terminators
Hash be012806964138b34390551e4f03c5c8
fca0f95e23ca1fa18940b0e63d4c00772bbd431f
b77d75a5c46136e91a974b093c439df4b361c1dcd64d14bf06f363f9f88f9d0a
GET /js/api/openapi.js?162 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 09 Jan 2023 12:43:20 GMT
content-type: application/x-javascript
content-length: 23318
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
etag: "6389a5e0-5b16"
content-encoding: br
expires: Fri, 13 Jan 2023 12:43:20 GMT
cache-control: max-age=345600
x-frontend: front512004
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash b604b44a44140d3e443d1c1c9da02d8d
05407447253dbbd694e67456c6b25b5112bd359d
0dcc105aceee70b68e812bdb6033ab465720efe541259c35f19aa09fadc88bf8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73737
date: Mon, 09 Jan 2023 12:43:20 GMT
access-control-allow-origin: *
etag: "63ae6ee1-12009"
expires: Mon, 09 Jan 2023 13:43:20 GMT
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
node-sber1-az2-2.jivosite.com/widget/status/222376/2pJBk4eW8A?rnd=0.6064453112099261
200 OK 347 B URL HTTP/2 node-sber1-az2-2.jivosite.com/widget/status/222376/2pJBk4eW8A?rnd=0.6064453112099261
IP
ASN #208677 Cloud technology Limited (Ltd.)
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (304), with no line terminators
Hash 72680fdd167c21f3268dfd1793044c50
e5f1953ce933e13c9428a4b2d902c9e4ff2a62e2
3fca7947a20dd9ee02a6e6b0a5454de310c2779599df077105bd708d1d056d15
GET /widget/status/222376/2pJBk4eW8A?rnd=0.6064453112099261 HTTP/1.1
Host: node-sber1-az2-2.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-max-age: 1728000
access-control-allow-origin: https://edemedem.me
access-control-expose-headers: X-Geoip, X-Botmode
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'none';
content-type: application/json; charset=utf-8
pragma: no-cache
server: foxy/2.0.1
x-botmode: no
x-frame-options: DENY
x-geoip: NO;03;Oslo (Alna District)
content-length: 347
date: Mon, 09 Jan 2023 12:43:20 GMT
X-Firefox-Spdy: h2
vk.com/rtrg?p=VK-RTRG-127132-9E1bT&metatag_url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&metatag_title=%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5
200 OK 65 B URL HTTP/2 vk.com/rtrg?p=VK-RTRG-127132-9E1bT&metatag_url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&metatag_title=%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ec4341fe3a8b2c4880fbfe0ef9cde34f
a0947414eb426b2939ca1a05fc870763f6bfc63f
01229c58f8015c623259e635969b8520945e2e0de1927a1375d48ad0ce915463
GET /rtrg?p=VK-RTRG-127132-9E1bT&metatag_url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&metatag_title=%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Mon, 09 Jan 2023 12:43:20 GMT
content-type: image/gif
content-length: 65
x-powered-by: KPHP/7.4.113022
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Fri, 05 Jan 2024 10:31:36 GMT; path=/; domain=.vk.com
remixstlid=9052606542990923652_q9oN9Qe5l3zSyDcSYzsupmzb6ZU5IuNEoNGmlr2nMvP; expires=Tue, 09 Jan 2024 12:43:20 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front512004
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-101835544-1&cid=737064486.1673268187&jid=1466036062&gjid=750132839&_gid=1493876574.1673268187&_u=IEBAAEAAAAAAACAAI~&z=607302787
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-101835544-1&cid=737064486.1673268187&jid=1466036062&gjid=750132839&_gid=1493876574.1673268187&_u=IEBAAEAAAAAAACAAI~&z=607302787
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-101835544-1&cid=737064486.1673268187&jid=1466036062&gjid=750132839&_gid=1493876574.1673268187&_u=IEBAAEAAAAAAACAAI~&z=607302787 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://edemedem.me
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Jan 2023 12:43:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 89 kB IP
File type gzip compressed data, from Unix\012- data
Hash 741a7a80b2eae2531a62acca0958b2fe
7a2b71d5a3233adbf5e60ac18720ba8255979ea1
57194092266f13277d6de89d325f3f63044fed182991842f699a1c12de293622
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/29087990?wmode=7&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1261%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A453093891924%3Ahid%3A816695700%3Az%3A0%3Ai%3A20230109124307%3Aet%3A1673268188%3Ac%3A1%3Arn%3A544523239%3Arqn%3A1%3Au%3A1673268188430652583%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C235%2C381%2C0%2C241%2C0%2C%2C359%2C4%2C%2C%2C%2C1282%3Aco%3A0%3Ans%3A1673268185684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673268188%3At%3A%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/29087990?wmode=7&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1261%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A453093891924%3Ahid%3A816695700%3Az%3A0%3Ai%3A20230109124307%3Aet%3A1673268188%3Ac%3A1%3Arn%3A544523239%3Arqn%3A1%3Au%3A1673268188430652583%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C235%2C381%2C0%2C241%2C0%2C%2C359%2C4%2C%2C%2C%2C1282%3Aco%3A0%3Ans%3A1673268185684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673268188%3At%3A%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/29087990?wmode=7&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1261%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A453093891924%3Ahid%3A816695700%3Az%3A0%3Ai%3A20230109124307%3Aet%3A1673268188%3Ac%3A1%3Arn%3A544523239%3Arqn%3A1%3Au%3A1673268188430652583%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C235%2C381%2C0%2C241%2C0%2C%2C359%2C4%2C%2C%2C%2C1282%3Aco%3A0%3Ans%3A1673268185684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673268188%3At%3A%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/29087990/1?wmode=7&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1261%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A453093891924%3Ahid%3A816695700%3Az%3A0%3Ai%3A20230109124307%3Aet%3A1673268188%3Ac%3A1%3Arn%3A544523239%3Arqn%3A1%3Au%3A1673268188430652583%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C235%2C381%2C0%2C241%2C0%2C%2C359%2C4%2C%2C%2C%2C1282%3Aco%3A0%3Ans%3A1673268185684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673268188%3At%3A%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 09 Jan 2023 12:43:20 GMT
access-control-allow-origin: https://edemedem.me
set-cookie: yabs-sid=337313601673268200; Path=/; SameSite=None; Secure
i=YBIXVyegBO5mwWJuhkvqfGMxOxm5X3huKqYVc9558/Ff8/UklehkXN2giB22pkfnB9LcGvXP67gsr7vQu6SkLzC9zbU=; Expires=Thu, 06-Jan-2033 12:43:18 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3498020201673268200; Expires=Tue, 09-Jan-2024 12:43:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3498020201673268200; Expires=Tue, 09-Jan-2024 12:43:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1704804200.yc.1673268200#1704804200.yrts.1673268200#1704804200.yrtsi.1673268200; Expires=Tue, 09-Jan-2024 12:43:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 12:43:20 GMT
last-modified: Mon, 09-Jan-2023 12:43:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/29087990/1?wmode=7&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1261%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A453093891924%3Ahid%3A816695700%3Az%3A0%3Ai%3A20230109124307%3Aet%3A1673268188%3Ac%3A1%3Arn%3A544523239%3Arqn%3A1%3Au%3A1673268188430652583%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C235%2C381%2C0%2C241%2C0%2C%2C359%2C4%2C%2C%2C%2C1282%3Aco%3A0%3Ans%3A1673268185684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673268188%3At%3A%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
200 OK 546 B URL HTTP/2 mc.yandex.ru/watch/29087990/1?wmode=7&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1261%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A453093891924%3Ahid%3A816695700%3Az%3A0%3Ai%3A20230109124307%3Aet%3A1673268188%3Ac%3A1%3Arn%3A544523239%3Arqn%3A1%3Au%3A1673268188430652583%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C235%2C381%2C0%2C241%2C0%2C%2C359%2C4%2C%2C%2C%2C1282%3Aco%3A0%3Ans%3A1673268185684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673268188%3At%3A%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (546), with no line terminators
Hash 590289ef83eca823d138556f27178660
b49fbfd90d22d5f2015db01e6293ea7fd52dc96c
fd660ffb5bedfff48aeabc357227a3d230937675bd6bb9424a14586461a06fcd
GET /watch/29087990/1?wmode=7&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1261%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A453093891924%3Ahid%3A816695700%3Az%3A0%3Ai%3A20230109124307%3Aet%3A1673268188%3Ac%3A1%3Arn%3A544523239%3Arqn%3A1%3Au%3A1673268188430652583%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C235%2C381%2C0%2C241%2C0%2C%2C359%2C4%2C%2C%2C%2C1282%3Aco%3A0%3Ans%3A1673268185684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673268188%3At%3A%D0%9A%D0%BE%D0%BC%D0%BC%D0%B5%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://edemedem.me
Referer: https://edemedem.me/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 546
date: Mon, 09 Jan 2023 12:43:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://edemedem.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 12:43:20 GMT
last-modified: Mon, 09-Jan-2023 12:43:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
edemedem.me/app/sv?tech=796336.816623.104134&url=%2Foffer%3Fid%3D6823615&referer=
200 OK 561 B URL HTTP/2 edemedem.me/app/sv?tech=796336.816623.104134&url=%2Foffer%3Fid%3D6823615&referer=
IP
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with no line terminators
Hash 2e87e504f98a489affd4cd156a9b21ff
ba2525506d3b34d6dba9bf75b18d5f69aaac16fb
b4a31d83eaebc72fddac53ac7eea0f3eadc4c1a5a415308f7f822d73e78387fe
GET /app/sv?tech=796336.816623.104134&url=%2Foffer%3Fid%3D6823615&referer= HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
set-cookie: creatium-stat-cookie-hash=c95963a8f324891e451f28ef9fa494a4; expires=Tue, 09-Jan-2024 12:43:19 GMT; Max-Age=31536000; path=/; secure; SameSite=None
visit_id=359147807; path=/; domain=edemedem.me
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=202459796879753&ev=PageView&dl=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rl=&if=false&ts=1673268187782&sw=1280&sh=1024&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673268187781.2140784742&it=1673268187406&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=202459796879753&ev=PageView&dl=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rl=&if=false&ts=1673268187782&sw=1280&sh=1024&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673268187781.2140784742&it=1673268187406&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=202459796879753&ev=PageView&dl=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rl=&if=false&ts=1673268187782&sw=1280&sh=1024&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673268187781.2140784742&it=1673268187406&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 09 Jan 2023 12:43:20 GMT
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-101835544-1&cid=737064486.1673268187&jid=1466036062&_u=IEBAAEAAAAAAACAAI~&z=1257692297
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-101835544-1&cid=737064486.1673268187&jid=1466036062&_u=IEBAAEAAAAAAACAAI~&z=1257692297
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-101835544-1&cid=737064486.1673268187&jid=1466036062&_u=IEBAAEAAAAAAACAAI~&z=1257692297 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 12:43:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-101835544-1&cid=737064486.1673268187&jid=1466036062&_u=IEBAAEAAAAAAACAAI~&z=1257692297
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-101835544-1&cid=737064486.1673268187&jid=1466036062&_u=IEBAAEAAAAAAACAAI~&z=1257692297
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-101835544-1&cid=737064486.1673268187&jid=1466036062&_u=IEBAAEAAAAAAACAAI~&z=1257692297 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 12:43:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 12:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8494
Expires: Mon, 09 Jan 2023 15:04:55 GMT
Date: Mon, 09 Jan 2023 12:43:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8494
Expires: Mon, 09 Jan 2023 15:04:55 GMT
Date: Mon, 09 Jan 2023 12:43:21 GMT
Connection: keep-alive
i.1.creatium.io/f1/6f/52/8ca02a2a3675f06241b3b44b76594828b4/235x137q8/edembolshoy3.jpg_fit_591_2c345_ssl_1_is_pending_load_1
200 OK 104 kB URL HTTP/1.1 i.1.creatium.io/f1/6f/52/8ca02a2a3675f06241b3b44b76594828b4/235x137q8/edembolshoy3.jpg_fit_591_2c345_ssl_1_is_pending_load_1
IP
ASN #49505 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 591x345, components 3\012- data
Size 104 kB (103859 bytes)
Hash 1bb05b07575fc922a2a9fb5bca5da1b3
482713acbe2c1be167c0d9d9801e082240ecc6f7
b36664b04bb80d027354da65f2b75f3dc94c1fe058a3fe6d858b7644f0ce55c1
GET /f1/6f/52/8ca02a2a3675f06241b3b44b76594828b4/235x137q8/edembolshoy3.jpg_fit_591_2c345_ssl_1_is_pending_load_1 HTTP/1.1
Host: i.1.creatium.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 09 Jan 2023 12:43:21 GMT
Content-Type: application/octet-stream
Content-Length: 103859
Last-Modified: Tue, 04 Jan 2022 04:54:11 GMT
Connection: keep-alive
ETag: "61d3d2f3-195b3"
Expires: Tue, 10 Jan 2023 12:43:21 GMT
Cache-Control: max-age=86400, public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8494
Expires: Mon, 09 Jan 2023 15:04:55 GMT
Date: Mon, 09 Jan 2023 12:43:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12955
Expires: Mon, 09 Jan 2023 16:19:16 GMT
Date: Mon, 09 Jan 2023 12:43:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7172ba8ac61060c9f94ad799db6af44
253917924d50c99a5b2fd83a816135846f7a9b80
3c2eee988ef973aca8d53e8c23e6475f9eb8311dff948fbe64106fd20b217d81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2EEE988EF973ACA8D53E8C23E6475F9EB8311DFF948FBE64106FD20B217D81"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12955
Expires: Mon, 09 Jan 2023 16:19:16 GMT
Date: Mon, 09 Jan 2023 12:43:21 GMT
Connection: keep-alive
i.1.creatium.io/3b/3a/93/3d9738070e6fe41ea9baed9d724706b204/235x137q8/edembolshoy4.jpg_fit_591_2c345_ssl_1_is_pending_load_1
200 OK 123 kB URL HTTP/1.1 i.1.creatium.io/3b/3a/93/3d9738070e6fe41ea9baed9d724706b204/235x137q8/edembolshoy4.jpg_fit_591_2c345_ssl_1_is_pending_load_1
IP
ASN #49505 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 591x345, components 3\012- data
Size 123 kB (123232 bytes)
Hash abb79bcc9c05cfbb1d0a68aa0e5e20a3
c3677a95497f8ee74a26a4a11ad01346c590415d
8ddff838a996197e51a172b91692d02f4ec9ff240c3b93c2836f1f7852b7f75d
GET /3b/3a/93/3d9738070e6fe41ea9baed9d724706b204/235x137q8/edembolshoy4.jpg_fit_591_2c345_ssl_1_is_pending_load_1 HTTP/1.1
Host: i.1.creatium.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 09 Jan 2023 12:43:21 GMT
Content-Type: application/octet-stream
Content-Length: 123232
Last-Modified: Tue, 04 Jan 2022 04:54:11 GMT
Connection: keep-alive
ETag: "61d3d2f3-1e160"
Expires: Tue, 10 Jan 2023 12:43:21 GMT
Cache-Control: max-age=86400, public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
i.1.creatium.io/cb/ea/08/252276447aa7aa1cd17b98c7964bce7940/500x375q8/b2ap3_large_rip_guru_ru_0008.jpg
200 OK 40 kB URL HTTP/1.1 i.1.creatium.io/cb/ea/08/252276447aa7aa1cd17b98c7964bce7940/500x375q8/b2ap3_large_rip_guru_ru_0008.jpg
IP
ASN #49505 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 500x375, components 3\012- data
Hash 2732475bd296fcaed18eb0f7be74acec
435149a3199b4630263e5b9a2442dea62687db06
e314d710499d5b885bf781c663e09179d330abc6e87747f609febd5e9571f18b
GET /cb/ea/08/252276447aa7aa1cd17b98c7964bce7940/500x375q8/b2ap3_large_rip_guru_ru_0008.jpg HTTP/1.1
Host: i.1.creatium.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 09 Jan 2023 12:43:21 GMT
Content-Type: image/jpeg
Content-Length: 40066
Connection: keep-alive
Expires: Tue, 10 Jan 2023 12:43:21 GMT
Cache-control: max-age=86400, public
Access-Control-Allow-Origin: *
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 405085aa-d0f5-4786-8fd7-46d74a6e8d1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecaIxGdkIAMFaBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3d6b-07f34cbf7e1df2fa7a4d8982;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 22:02:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mRyiYL1hTv7MvjLg92gwPBszcW1mqdKadIcQVG_rsQ6b15uyGkyZbQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 02:16:11 GMT
age: 37630
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b87f42d40f3cc7bc9f46964e83d787
400474fb7b7d241935f5a5745281e6d95902581c
5a2818d70f4304bb2ed26ad0fe1658bc130aff43e11c60e0abac8be6e51836c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8284
x-amzn-requestid: 63848f4b-7540-4a5f-bfe4-f4d7d19f6450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecZPxFWUoAMF3hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3bfe-11b47e784b3d329e4d698137;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:56:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ruMyNWcLKGt-fDCBxTx5ofenbzXNBv48Y0U1GPwhDWDrwm-njm1lGA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:36:09 GMT
age: 32832
etag: "400474fb7b7d241935f5a5745281e6d95902581c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a287e312b7ea41cf63badb369b85158b
65763688f4b00b498d0e70151a09d4ebb14e2b33
a9dc69148414c0794cfb5b576b5cf74221c465e8dccbe9da71b40521e8cff129
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7226
x-amzn-requestid: 5b7b8eb4-7a80-4a00-b693-d624ed174108
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0WsHvZIAMF34Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba342a-19e87b9b175b436e72df3fd9;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SN-7M5K3nkGxyLSGXyHkbvhxDhSvzcir6hL46Tvi__SWLgOyWflwcg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:34:32 GMT
age: 32929
etag: "65763688f4b00b498d0e70151a09d4ebb14e2b33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0defc5fd929d3ca7df12b102b551453
f44e4ac4a10991e12994e3b5d6f3cc1b1658967a
f551a1c156ec30405668d66bff9e1359805b773457602e44748be80cbb1f8a23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4687
x-amzn-requestid: 18bf71d4-030e-4a08-ae18-48fe037e6e0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7GzXIAMFnFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-710f414a2d1b239f6d59d73a;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wkKw4Bgb_vxuY641mGDczUNQUfGXiozbOtpFwfK6aThfJj_q5T_IDg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:49:53 GMT
age: 32008
etag: "f44e4ac4a10991e12994e3b5d6f3cc1b1658967a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b75a93b9f0106516f046eb424b0c8d9
c9509f976390441bbd3bd7521cb1848f4f481fd0
0b69fd368ef68510387a871acfffe82afc4414163c661f76e574dffdcc94104a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46239df3-17a1-48a0-95bc-7ac540c3def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12971
x-amzn-requestid: ed6346eb-d3ae-4343-8eab-b4321aad3135
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXEBqG97IAMF3Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b91a0a-4eb212756fcc0d3175dd0225;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 07:06:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: m2BuFpIx0utir3G3NvMxAz8nTBmTl_nKgyMuEcM80DMRc9uinAl-mw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 05:40:49 GMT
age: 25352
etag: "c9509f976390441bbd3bd7521cb1848f4f481fd0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334a9cec-5233-4d79-821a-adb923b9d115.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334a9cec-5233-4d79-821a-adb923b9d115.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9adc723b6823a4cf4ca3595febeccfa3
e20675c6a85a03fab85576b65892790058072377
0717e810d9e1908a206f12f54e77caa829426bbfe8c178db4566151f3562c177
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334a9cec-5233-4d79-821a-adb923b9d115.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6317
x-amzn-requestid: 144bd535-24b1-414d-94dc-8fc40838572c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecWFdH7GIAMFavA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb36ef-5a595f255fd3f929499d782b;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HvzCI2mKasNP1XSUHrsNGt8YVbtWcJQPtqs-Lu3Vnw3ERrrd4d2W1A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 21:42:06 GMT
age: 54075
etag: "e20675c6a85a03fab85576b65892790058072377"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=1&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=941363161&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1673268190%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124310%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268190&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=1&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=941363161&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1673268190%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124310%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268190&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/29087990?wmode=0&wv-part=1&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=941363161&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1673268190%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124310%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268190&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 57814
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 12:43:23 GMT
access-control-allow-origin: https://edemedem.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 12:43:23 GMT
last-modified: Mon, 09-Jan-2023 12:43:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=1&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=1038960421&wv-type=3&browser-info=we%3A1%3Aet%3A1673268191%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124310%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268191&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=1&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=1038960421&wv-type=3&browser-info=we%3A1%3Aet%3A1673268191%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124310%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268191&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/29087990?wmode=0&wv-part=1&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=1038960421&wv-type=3&browser-info=we%3A1%3Aet%3A1673268191%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124310%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268191&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 12:43:23 GMT
access-control-allow-origin: https://edemedem.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 12:43:23 GMT
last-modified: Mon, 09-Jan-2023 12:43:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 628c1f4e802ce5e3fcfda8e33256c953
45978fbca45279eeb71863a50adb1daf3277777d
cb480c213dbeeb0fd83507ea79d531bca8cb1b02d9dd3cc75151ffe24ed75dd0
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 12:43:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 13 Jan 2023 09:52:10 GMT
ETag: "45978fbca45279eeb71863a50adb1daf3277777d"
Last-Modified: Mon, 09 Jan 2023 09:52:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 946
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786d422f19b8b4ed-OSL
code.jivo.ru/js/bundle_ru_RU.js?rand=1671452957
200 OK 312 kB URL HTTP/2 code.jivo.ru/js/bundle_ru_RU.js?rand=1671452957
IP
ASN #199524 G-Core Labs S.A.
File type Unicode text, UTF-8 text, with very long lines (61072), with no line terminators
Size 312 kB (311868 bytes)
Hash 913b4b2623f54a943566465f42ba401a
cac41c82a0675da861adba6de1835230833d94d7
83a5f3fe3390271c11826d46057477d78fd96444186b16597b7e5d644db2d621
GET /js/bundle_ru_RU.js?rand=1671452957 HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:43:25 GMT
content-type: application/javascript
content-length: 311868
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: br
etag: "63a049f1-4c23c"
last-modified: Mon, 19 Dec 2022 11:24:33 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2023-01-09T09:07:27+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivo.ru/css/1ee7aca/widget.css
200 OK 55 kB URL HTTP/2 code.jivo.ru/css/1ee7aca/widget.css
IP
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2a8c7b6821e589309e1a689f95d9ca0e
0a2cf97f65c48500d66f1a6c2034310a6b39798a
c3d96df0e3dd4d4c16011d37e6bc20b823905c6be10a06f780ed36abb9131176
GET /css/1ee7aca/widget.css HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 12:43:26 GMT
content-type: text/css
content-length: 54730
cache-control: max-age=864000
content-encoding: br
etag: "63a049d9-d5ca"
expires: Mon, 09 Jan 2023 09:09:17 GMT
last-modified: Mon, 19 Dec 2022 11:24:09 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2023-01-09T09:09:18+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivo.ru/sounds/agent_message.mp3
206 Partial Content 3.8 kB URL HTTP/2 code.jivo.ru/sounds/agent_message.mp3
IP
ASN #199524 G-Core Labs S.A.
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 8e9a165c4cb185ffd0b2658fa088e43b
195873e5e8bbb2f5ecc32d95f90d6fb75817a649
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43
GET /sounds/agent_message.mp3 HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Mon, 09 Jan 2023 12:43:26 GMT
content-type: audio/mpeg
content-length: 3760
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "63a04962-eb0"
expires: Sun, 29 Jan 2023 09:07:58 GMT
last-modified: Mon, 19 Dec 2022 11:22:10 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2022-12-30T09:07:58+00:00
x-id: fr5-up-gc15
content-range: bytes 0-3759/3760
X-Firefox-Spdy: h2
code.jivo.ru/sounds/notification.mp3
206 Partial Content 5.8 kB URL HTTP/2 code.jivo.ru/sounds/notification.mp3
IP
ASN #199524 G-Core Labs S.A.
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 9aa341af370c4e59155717260ba0f282
0c1216ecead8d1409557c843d96202c063f3f252
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
GET /sounds/notification.mp3 HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Mon, 09 Jan 2023 12:43:26 GMT
content-type: audio/mpeg
content-length: 5808
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "63a04962-16b0"
expires: Sun, 29 Jan 2023 09:09:24 GMT
last-modified: Mon, 19 Dec 2022 11:22:10 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2022-12-30T09:09:24+00:00
x-id: fr5-up-gc15
content-range: bytes 0-5807/5808
X-Firefox-Spdy: h2
code.jivo.ru/sounds/outgoing_message.mp3
206 Partial Content 5.0 kB URL HTTP/2 code.jivo.ru/sounds/outgoing_message.mp3
IP
ASN #199524 G-Core Labs S.A.
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 7bf3e4962a5ecf1f8cbcc2ff3428f531
f75c694461a643d2e096ae8d0f6c1a9d19602eee
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
GET /sounds/outgoing_message.mp3 HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Mon, 09 Jan 2023 12:43:26 GMT
content-type: audio/mpeg
content-length: 5014
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "63a04962-1396"
expires: Sun, 29 Jan 2023 09:07:53 GMT
last-modified: Mon, 19 Dec 2022 11:22:10 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2022-12-30T09:07:53+00:00
x-id: fr5-up-gc15
content-range: bytes 0-5013/5014
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=2&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=522291671&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1673268194%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268194&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=2&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=522291671&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1673268194%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268194&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/29087990?wmode=0&wv-part=2&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=522291671&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1673268194%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268194&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3220
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 12:43:27 GMT
access-control-allow-origin: https://edemedem.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 12:43:27 GMT
last-modified: Mon, 09-Jan-2023 12:43:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/29087990?wv-check=37064&wv-type=0&wmode=0&wv-part=1&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=993005569&browser-info=we%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/29087990?wv-check=37064&wv-type=0&wmode=0&wv-part=1&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=993005569&browser-info=we%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/29087990?wv-check=37064&wv-type=0&wmode=0&wv-part=1&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=993005569&browser-info=we%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 12:43:27 GMT
access-control-allow-origin: https://edemedem.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 12:43:27 GMT
last-modified: Mon, 09-Jan-2023 12:43:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=2&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=813822127&wv-type=3&browser-info=we%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=2&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=813822127&wv-type=3&browser-info=we%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/29087990?wmode=0&wv-part=2&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=813822127&wv-type=3&browser-info=we%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 12:43:27 GMT
access-control-allow-origin: https://edemedem.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 12:43:27 GMT
last-modified: Mon, 09-Jan-2023 12:43:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=3&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=446690295&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/29087990?wmode=0&wv-part=3&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=446690295&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/29087990?wmode=0&wv-part=3&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=446690295&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 12:43:27 GMT
access-control-allow-origin: https://edemedem.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 12:43:27 GMT
last-modified: Mon, 09-Jan-2023 12:43:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/29087990?wv-check=50843&wv-type=0&wmode=0&wv-part=2&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=638866868&browser-info=we%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/29087990?wv-check=50843&wv-type=0&wmode=0&wv-part=2&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=638866868&browser-info=we%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/29087990?wv-check=50843&wv-type=0&wmode=0&wv-part=2&wv-hit=816695700&page-url=https%3A%2F%2Fedemedem.me%2Foffer%3Fid%3D6823615&rn=638866868&browser-info=we%3A1%3Aet%3A1673268195%3Aw%3A1268x939%3Av%3A943%3Az%3A0%3Ai%3A20230109124314%3Au%3A1673268188430652583%3Avf%3Awy278c4xrecmji309n1ev%3Ast%3A1673268195&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: https://edemedem.me
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 09 Jan 2023 12:43:27 GMT
access-control-allow-origin: https://edemedem.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 09-Jan-2023 12:43:27 GMT
last-modified: Mon, 09-Jan-2023 12:43:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
edemedem.me/offer?id=6823615
200 OK 0 B URL HTTP/2 edemedem.me/offer?id=6823615
IP
ASN #262254 DDOS-GUARD CORP.
GET /offer?id=6823615 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
set-cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; Domain=.edemedem.me; HttpOnly; Path=/; Expires=Tue, 09-Jan-2024 12:43:19 GMT
PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i; expires=Tue, 09-Jan-2024 12:43:19 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: br
X-Firefox-Spdy: h2
edemedem.me/app/4.1/adaptive-sections?key=7a67469010eddb5b449cbacbeb0a21d7
200 OK 0 B URL HTTP/2 edemedem.me/app/4.1/adaptive-sections?key=7a67469010eddb5b449cbacbeb0a21d7
IP
ASN #262254 DDOS-GUARD CORP.
GET /app/4.1/adaptive-sections?key=7a67469010eddb5b449cbacbeb0a21d7 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i; creatium-stat-cookie-hash=c95963a8f324891e451f28ef9fa494a4; visit_id=359147807; callibri_get_request=1673268186904; v1_referrer_callibri=; v1_data=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
x-robots-tag: noindex, nofollow
content-encoding: br
X-Firefox-Spdy: h2
gate.leadgenic.ru/getscript?site=630f253646e0fb0001c9d9ea
200 OK 0 B URL HTTP/2 gate.leadgenic.ru/getscript?site=630f253646e0fb0001c9d9ea
IP
GET /getscript?site=630f253646e0fb0001c9d9ea HTTP/1.1
Host: gate.leadgenic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 12:43:19 GMT
content-type: application/javascript
last-modified: Sun, 18 Dec 2022 10:21:10 GMT
etag: W/"639ee996-3fa"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DsZVjcbLl0JwVkL%2FuZVbUG8USulMrCrRzq96KrrCLuioZE7pJLnQm%2BgvXDJr7Ze4pAfd8nF0pbzEWLfCpVz7rd0pXDZCesKLDOVXMXtgLzJSVKxDcs3DFwPBYvLgFDBVLUxtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 786d42085f76b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
edemedem.me/app/4.1/async?key=7a67469010eddb5b449cbacbeb0a21d7
200 OK 0 B URL HTTP/2 edemedem.me/app/4.1/async?key=7a67469010eddb5b449cbacbeb0a21d7
IP
ASN #262254 DDOS-GUARD CORP.
GET /app/4.1/async?key=7a67469010eddb5b449cbacbeb0a21d7 HTTP/1.1
Host: edemedem.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://edemedem.me/offer?id=6823615
Cookie: __ddg1_=Oj7EpmCqw9efyAiFEiE0; PHPSESSID=o9i8qt6s8ab36o9gorrfqb7f3i; creatium-stat-cookie-hash=c95963a8f324891e451f28ef9fa494a4; visit_id=359147807; callibri_get_request=1673268186904; v1_referrer_callibri=; v1_data=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Mon, 09 Jan 2023 12:43:20 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
x-robots-tag: noindex, nofollow
content-encoding: br
X-Firefox-Spdy: h2
190.115.18.180
92.53.68.16
23.36.76.226
142.250.74.164
104.17.24.14
31.13.72.12
92.223.124.24
93.184.220.29
188.114.97.1