r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 16803ffa29e10ee999c43eb4e4acfe92
a5ede865a388fa440f20994b43c417d403e9a493
08de8f6abb622e84d2cb6e88dee8fc7c408147ac43da9c24d4cde510ed36b53a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08DE8F6ABB622E84D2CB6E88DEE8FC7C408147AC43DA9C24D4CDE510ED36B53A"
Last-Modified: Mon, 02 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2488
Expires: Wed, 04 Jan 2023 21:45:47 GMT
Date: Wed, 04 Jan 2023 21:04:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8890
Expires: Wed, 04 Jan 2023 23:32:29 GMT
Date: Wed, 04 Jan 2023 21:04:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 04 Jan 2023 20:36:23 GMT
content-type: application/json
age: 1676
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8979
Expires: Wed, 04 Jan 2023 23:33:58 GMT
Date: Wed, 04 Jan 2023 21:04:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RXJsi/6DSaeUj63113YBh3BXlelgeUqgWmBhx8OjCO6I1ecQfTFyrNSvwGpX9TOXsMCjDt2MVLw=
x-amz-request-id: YTSB2NMJJQ7SY4KD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 04 Jan 2023 21:01:27 GMT
age: 172
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 21:04:19 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 04 Jan 2023 20:33:37 GMT
age: 1843
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1831
Cache-Control: max-age=131582
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 21:04:20 GMT
Etag: "63b541ab-1d7"
Expires: Fri, 06 Jan 2023 09:37:22 GMT
Last-Modified: Wed, 04 Jan 2023 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
mermaids.su/
88.212.247.4301 Moved Permanently 0 B IP 88.212.247.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET / HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
expires: Wed, 04 Jan 2023 22:04:20 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://mermaids.su/
content-length: 0
date: Wed, 04 Jan 2023 21:04:20 GMT
server: LiteSpeed
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: S9qQGspBFCgBsZvYNAg4kQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4ucjwnwfPiDYcjCHxQr3yjoeUL8=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14307
Expires: Thu, 05 Jan 2023 01:02:48 GMT
Date: Wed, 04 Jan 2023 21:04:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14307
Expires: Thu, 05 Jan 2023 01:02:48 GMT
Date: Wed, 04 Jan 2023 21:04:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14307
Expires: Thu, 05 Jan 2023 01:02:48 GMT
Date: Wed, 04 Jan 2023 21:04:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af78916e285d0f6c5c5a5ff33894e108
96df0d8c10c666811cfeb98187ca93e65480c2ff
7bcb20dc641e46d033dee76b3d92b701b31aecfbf88241a5a95dfdc1c5e95885
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5018
x-amzn-requestid: 7a68cfb1-dedd-4f08-8d99-4678c1087422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3HtFHkoAMFwYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49efd-7880e5f93c99cc794f9a03bb;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:32:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MvV5dXthUr0Qo499_5eG6Z_yW0gmflen3kRBrse7ngQjUgOVA0OMvg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:50:49 GMT
age: 83612
etag: "96df0d8c10c666811cfeb98187ca93e65480c2ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f7ef195ef59caf6b47f13ceae04987f
dbff30aac035b502e27a3a538dbdfd475d3fc1d4
b31c198d6b76827201a870da6f9fe9b28c2cffe0d3f7f3d8e0530223ea8fc9d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8148
x-amzn-requestid: 7712cf7e-ea08-47da-876a-ba70c723b68b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33cHXsIAMFhhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3c965abb517a33ce31cbdf4c;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oJ4e7NUOg62KQDiD04fLCiSoQgBO_AQGw6mrIYbqcgdrylEMwoDQUA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:50:17 GMT
age: 83644
etag: "dbff30aac035b502e27a3a538dbdfd475d3fc1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a9375cec16bfe696766c8d373d9b54
2167c2f197dd44558ac2dea500d8b6b3cfa50e83
6f94fe0c817b031d913d53fee6b317148bdabea044102b8f0c9df8a3737d59f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10696
x-amzn-requestid: 2117681b-ee8b-4881-b860-087a8662a3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7xM1FK7oAMFd4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae2f1e-5a3648ba2ac7ba01177f361d;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 00:21:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: q6iynVloHNnImjEwinGPE2aK--d_0Qz8LhHe3a6NqOJhTDhuYjCgrA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 09:17:12 GMT
age: 42429
etag: "2167c2f197dd44558ac2dea500d8b6b3cfa50e83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 359f30e64bec00d0a01acd69a08b684d
ac965c8642c4d1e47713965060fa2fc8f19088b1
fff1b001462468cc953092a2312650c03f307e95c40e2c6bb7356e2a8b9b0283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11877
x-amzn-requestid: 884b9243-6a8a-4434-9b2a-e5eff84d4e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33bFnDoAMFpoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3f7043ae29d21e010ddc1ff9;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WcUVY1LHWCEWWyJZEhS8M5tlXhx5WDnIr9RmxLMvqIilnREfwORJew==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 22:12:53 GMT
age: 82288
etag: "ac965c8642c4d1e47713965060fa2fc8f19088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36836a00-5089-401d-9a69-e25230099d0a.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36836a00-5089-401d-9a69-e25230099d0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cb033e4a3035a49677a810f764021597
a76b2ab1c4b33be2244cc4e81ee56b95d9ddc860
fa816b99c77b4c1ac27153355574d7a4fbdc1a43ac8417bdfd45004fb54b878a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36836a00-5089-401d-9a69-e25230099d0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6861
x-amzn-requestid: eb43b3e5-316e-4fa0-b6a7-696e747a4e6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3IuGQFoAMFwbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49f04-3d752ea257c839dc59e5b803;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:32:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WrCm8Xxp2Rt3nAx0N3XN0KAetKaWuoPyN2s9FmYo1XDJ2YI4g9TTEQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 22:10:14 GMT
age: 82447
etag: "a76b2ab1c4b33be2244cc4e81ee56b95d9ddc860"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 235b1a6e2b61b3068bf7a8e7a2607634
0df6f090574996e472064765c6f27b6b8e012414
6e6061581018dc0ec494631e7861cf2e44f82ac94d1b0056679555ff6dae5f8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13546
x-amzn-requestid: 6758cca7-bc06-43dd-8545-3e05aa760218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3p7GYjIAMFw7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49fd8-038317190f3df26f13c9d961;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _ppyHa_jCBaOxdhFxe2mk83Tk35L97BMENr5W2wsMFHmtTnVXy2bFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:54:33 GMT
age: 83388
etag: "0df6f090574996e472064765c6f27b6b8e012414"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mermaids.su/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
88.212.247.4200 OK 12 kB URL HTTP/2 mermaids.su/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 88.212.247.4:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:30:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
88.212.247.4200 OK 1.8 kB URL HTTP/2 mermaids.su/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP 88.212.247.4:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Fri, 18 Nov 2022 11:51:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
88.212.247.4200 OK 23 kB URL HTTP/2 mermaids.su/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP 88.212.247.4:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 0c6730c96c60030ddaf42fcf5daf3b17
feb4c0071f27718582e58d365022a1b559de5765
d996bec53b493bc579754f29f7d6d0b5332f3354c860a3787e2365a79c44f995
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Fri, 18 Nov 2022 11:51:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22871
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-includes/css/classic-themes.min.css?ver=1
88.212.247.4200 OK 217 B URL HTTP/2 mermaids.su/wp-includes/css/classic-themes.min.css?ver=1
IP 88.212.247.4:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 07:31:22 GMT
accept-ranges: bytes
content-length: 217
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/
88.212.247.4200 OK 26 kB IP 88.212.247.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash df20cae6deb7f7b8ee36e0730c360d71
31549bcfa4169b3f59958fedbc1865b93970f277
55a69a3dd09826c9d2463b0d6629eb9be2c7af758d825a13e449dd43b0e189d6
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET / HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://mermaids.su/wp-json/>; rel="https://api.w.org/", <https://mermaids.su/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://mermaids.su/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/cdek/assets/css/cdek-map.css?ver=6.1.1
88.212.247.4200 OK 88 B URL HTTP/2 mermaids.su/wp-content/plugins/cdek/assets/css/cdek-map.css?ver=6.1.1
IP 88.212.247.4:0
Hash 8896da75c5ebb7fbcd835f657f94731d
27b8815c625b4bb152d780c6082f99e37d5ed4db
865b5945a3c38cc79460f63b859655b0c99d68cd0f6d00bc201d3f5938f8cc0d
GET /wp-content/plugins/cdek/assets/css/cdek-map.css?ver=6.1.1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Fri, 18 Nov 2022 10:44:46 GMT
accept-ranges: bytes
content-length: 88
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/cdek/assets/css/MarkerCluster.Default.min.css?ver=6.1.1
88.212.247.4200 OK 301 B URL HTTP/2 mermaids.su/wp-content/plugins/cdek/assets/css/MarkerCluster.Default.min.css?ver=6.1.1
IP 88.212.247.4:0
File type ASCII text, with very long lines (1022), with no line terminators
Hash aac3b9930aa5c6a19fc381d98d9a474f
5940f53d236201e5fbce1d8698b0abf7e19808b0
91a8f19a02d288e4b8725a0157da6658585425c6e4e6d6e1378ff7a25b0e6185
GET /wp-content/plugins/cdek/assets/css/MarkerCluster.Default.min.css?ver=6.1.1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Fri, 18 Nov 2022 10:44:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 301
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/cdek/assets/css/MarkerCluster.min.css?ver=6.1.1
88.212.247.4200 OK 150 B URL HTTP/2 mermaids.su/wp-content/plugins/cdek/assets/css/MarkerCluster.min.css?ver=6.1.1
IP 88.212.247.4:0
File type ASCII text, with very long lines (688), with no line terminators
Hash 3ab18015afa578a2d4f6a1915ad43427
e38f300f45ae78dae66b8575efc1e3d9b7fc77a2
d473db4162c49129ebf4b875d6bde4148694d52c7dd56a0a0150fc6d81cd2b87
GET /wp-content/plugins/cdek/assets/css/MarkerCluster.min.css?ver=6.1.1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Fri, 18 Nov 2022 10:44:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 150
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
88.212.247.4200 OK 824 B URL HTTP/2 mermaids.su/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
IP 88.212.247.4:0
Hash 269ed2215d4adf9265132f4135d49185
2e1bf415040627ed8041c1444de11034efe66f89
dad114286e260217aae476d3c4f7da41e7356438bb63a4e742787c6463e19963
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 08:42:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 824
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.6
88.212.247.4200 OK 825 B URL HTTP/2 mermaids.su/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.6
IP 88.212.247.4:0
Hash 90aaffc001d2ffb60072699bdd052fff
770c30fe368c633b065256d1689b2d6e7a10867c
6a68e64472a3c944b9fb14b28501f5f2784ebb88890f1561b864899c2fd68025
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.6 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 08:42:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 825
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.6
88.212.247.4200 OK 289 B URL HTTP/2 mermaids.su/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.6
IP 88.212.247.4:0
File type ASCII text, with CR line terminators
Hash 06e5b21cbcff813c4731edf288388ba4
697133e0e3ea0a896f5a45023887d9345304afd0
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
GET /wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.6 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 08:42:11 GMT
accept-ranges: bytes
content-length: 289
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
88.212.247.4200 OK 378 B URL HTTP/2 mermaids.su/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
IP 88.212.247.4:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash a6928aa91112567cad0fa3dc87d869ee
17ea9c46787e2f18e191fd958b2e66516cbd9b02
cd486376d94277581bada0a4dbdfe75d2a4607283645a522dc346edd36838dde
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 08:42:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 378
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
88.212.247.4200 OK 4.0 kB URL HTTP/2 mermaids.su/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 88.212.247.4:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: application/javascript
last-modified: Mon, 17 Oct 2022 08:42:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.6
88.212.247.4200 OK 4.7 kB URL HTTP/2 mermaids.su/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.6
IP 88.212.247.4:0
Hash 2ebe6380b8d4175c0891e5d31d8b27ae
d90a96e9e13521e96e0ee08ca78a1da6a72ee0f3
fd6bfebce088d408753d5d226e4c40261fbcbeadc2fc9f082afe1cf2762f0298
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.6 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 08:42:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4686
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/cdek/assets/js/lib/leaflet.markercluster-src.min.js?ver=6.1.1
88.212.247.4200 OK 8.5 kB URL HTTP/2 mermaids.su/wp-content/plugins/cdek/assets/js/lib/leaflet.markercluster-src.min.js?ver=6.1.1
IP 88.212.247.4:0
File type ASCII text, with very long lines (34000), with no line terminators
Hash ddbe524cd0a4798700130aa65dfaef05
a0e8682658beaac427811ce6196a26f2e5d14c1f
70b7bee56f6204c9eee18e531572904431428b98523da5d220b36a8f52b6c668
GET /wp-content/plugins/cdek/assets/js/lib/leaflet.markercluster-src.min.js?ver=6.1.1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 10:44:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8524
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-includes/css/dashicons.min.css?ver=6.1.1
88.212.247.4200 OK 35 kB URL HTTP/2 mermaids.su/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 88.212.247.4:0
File type ASCII text, with very long lines (58981)
Hash 54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 08:42:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/themes/mermaides_v2/static/css/main.min.css?ver=6.1.1
88.212.247.4200 OK 25 kB URL HTTP/2 mermaids.su/wp-content/themes/mermaides_v2/static/css/main.min.css?ver=6.1.1
IP 88.212.247.4:0
File type CSV text\012- , ASCII text, with very long lines (15482)
Hash f08428507c830031e0860565675187eb
f5a950d319b0e0a4ef5dc88678fcbff51c11a99b
6d03721e944886e42ba5697eb311cfe9b163f8505a20293a5047075dccacbd11
GET /wp-content/themes/mermaides_v2/static/css/main.min.css?ver=6.1.1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 09:21:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24561
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-content/plugins/cdek/assets/js/lib/leaflet-src.min.js?ver=6.1.1
88.212.247.4200 OK 40 kB URL HTTP/2 mermaids.su/wp-content/plugins/cdek/assets/js/lib/leaflet-src.min.js?ver=6.1.1
IP 88.212.247.4:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 76a76cbe1d03a7e2f187034a91b801d4
ee0a350cddb6a8095ec9e1da682568967caf7499
79847dd2cc4af105a866eb8b7141b122ed8cc3d2ebd36422a140ba4c308f0b7c
GET /wp-content/plugins/cdek/assets/js/lib/leaflet-src.min.js?ver=6.1.1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 10:44:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 39803
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
mermaids.su/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
88.212.247.4200 OK 30 kB URL HTTP/2 mermaids.su/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 88.212.247.4:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: mermaids.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 11 Jan 2023 21:04:21 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 07:31:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Wed, 04 Jan 2023 21:04:21 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 28eb8bd61714651a15fd1fb78d1d4454
fbd10260b018969b5b872df3d50cf22583e9d334
a13f4b5ce85b67b47e940ca24ae79978a14b58882389f2c28bd50db3b029f7c1
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 21:04:22 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 08 Jan 2023 20:09:43 GMT
ETag: "fbd10260b018969b5b872df3d50cf22583e9d334"
Last-Modified: Wed, 04 Jan 2023 20:09:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2313
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7846ed1d8d510afe-OSL
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 76 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Hash bec04f7653d0df9ba3a12c29f2647dc6
54870e8587eae9873c42045f30d4d02722ce86e5
9c2a4d8aeadaf3ce845e46e5a3cfdc4cf8dd72a5c7a61cc4659b7c0fd476e169
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 76462
date: Wed, 04 Jan 2023 21:04:22 GMT
access-control-allow-origin: *
etag: "63ae6ee1-12aae"
expires: Wed, 04 Jan 2023 22:04:22 GMT
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 04 Jan 2023 21:04:23 GMT
access-control-allow-origin: *
etag: "63ae6ee1-2b"
expires: Wed, 04 Jan 2023 22:04:23 GMT
accept-ranges: bytes
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88811073?wmode=7&page-url=https%3A%2F%2Fmermaids.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06srfr%3Afp%3A2975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1578727239532%3Ahid%3A651941035%3Az%3A0%3Ai%3A20230104210413%3Aet%3A1672866253%3Ac%3A1%3Arn%3A418186080%3Arqn%3A1%3Au%3A1672866253126868014%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C101%2C1274%2C0%2C1138%2C0%2C%2C857%2C17%2C%2C%2C%2C3372%3Aco%3A0%3Ans%3A1672866249432%3Arqnl%3A1%3Ast%3A1672866253%3At%3AMermaids%20-%20%D0%9D%D0%BE%D1%80%D0%B2%D0%B5%D0%B6%D1%81%D0%BA%D0%B8%D0%B9%20%D1%80%D1%8B%D0%B1%D0%B8%D0%B9%20%D0%B6%D0%B8%D1%80%20(%D0%9E%D0%9C%D0%95%D0%93%D0%90-3)%20%D0%B8%20%D0%9A%D0%BE%D0%BB%D0%BB%D0%B0%D0%B3%D0%B5%D0%BD%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)pe(1)efid(1)ti(2)
87.250.251.119302 Found 442 B URL HTTP/2 mc.yandex.ru/watch/88811073?wmode=7&page-url=https%3A%2F%2Fmermaids.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06srfr%3Afp%3A2975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1578727239532%3Ahid%3A651941035%3Az%3A0%3Ai%3A20230104210413%3Aet%3A1672866253%3Ac%3A1%3Arn%3A418186080%3Arqn%3A1%3Au%3A1672866253126868014%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C101%2C1274%2C0%2C1138%2C0%2C%2C857%2C17%2C%2C%2C%2C3372%3Aco%3A0%3Ans%3A1672866249432%3Arqnl%3A1%3Ast%3A1672866253%3At%3AMermaids%20-%20%D0%9D%D0%BE%D1%80%D0%B2%D0%B5%D0%B6%D1%81%D0%BA%D0%B8%D0%B9%20%D1%80%D1%8B%D0%B1%D0%B8%D0%B9%20%D0%B6%D0%B8%D1%80%20(%D0%9E%D0%9C%D0%95%D0%93%D0%90-3)%20%D0%B8%20%D0%9A%D0%BE%D0%BB%D0%BB%D0%B0%D0%B3%D0%B5%D0%BD%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)pe(1)efid(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (442), with no line terminators
Hash c48e671b10c0cb5fb84df0fac8e66cb4
14d0dd1347e64ce75c652e092a43833c4457d365
3c831348b2ab9536621f62a800c5a6df0b60c5fce290d7784e4f334bdc99481a
GET /watch/88811073?wmode=7&page-url=https%3A%2F%2Fmermaids.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06srfr%3Afp%3A2975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1578727239532%3Ahid%3A651941035%3Az%3A0%3Ai%3A20230104210413%3Aet%3A1672866253%3Ac%3A1%3Arn%3A418186080%3Arqn%3A1%3Au%3A1672866253126868014%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C101%2C1274%2C0%2C1138%2C0%2C%2C857%2C17%2C%2C%2C%2C3372%3Aco%3A0%3Ans%3A1672866249432%3Arqnl%3A1%3Ast%3A1672866253%3At%3AMermaids%20-%20%D0%9D%D0%BE%D1%80%D0%B2%D0%B5%D0%B6%D1%81%D0%BA%D0%B8%D0%B9%20%D1%80%D1%8B%D0%B1%D0%B8%D0%B9%20%D0%B6%D0%B8%D1%80%20(%D0%9E%D0%9C%D0%95%D0%93%D0%90-3)%20%D0%B8%20%D0%9A%D0%BE%D0%BB%D0%BB%D0%B0%D0%B3%D0%B5%D0%BD%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)pe(1)efid(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mermaids.su
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/88811073/1?wmode=7&page-url=https%3A%2F%2Fmermaids.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06srfr%3Afp%3A2975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1578727239532%3Ahid%3A651941035%3Az%3A0%3Ai%3A20230104210413%3Aet%3A1672866253%3Ac%3A1%3Arn%3A418186080%3Arqn%3A1%3Au%3A1672866253126868014%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C101%2C1274%2C0%2C1138%2C0%2C%2C857%2C17%2C%2C%2C%2C3372%3Aco%3A0%3Ans%3A1672866249432%3Arqnl%3A1%3Ast%3A1672866253%3At%3AMermaids%20-%20%D0%9D%D0%BE%D1%80%D0%B2%D0%B5%D0%B6%D1%81%D0%BA%D0%B8%D0%B9%20%D1%80%D1%8B%D0%B1%D0%B8%D0%B9%20%D0%B6%D0%B8%D1%80%20%28%D0%9E%D0%9C%D0%95%D0%93%D0%90-3%29%20%D0%B8%20%D0%9A%D0%BE%D0%BB%D0%BB%D0%B0%D0%B3%D0%B5%D0%BD%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29pe%281%29efid%281%29ti%282%29
date: Wed, 04 Jan 2023 21:04:23 GMT
access-control-allow-origin: https://mermaids.su
set-cookie: yabs-sid=45245841672866263; Path=/; SameSite=None; Secure
i=A+kVCUq0j+fVWxZb+qMQsmbnI0/Q83Xhh55ZyvGAvY+cEkMNa1wj0/cctP4uoZUlRFSeXQ/fGAXHwr7Nb6+Uwb/0OGs=; Expires=Sat, 01-Jan-2033 21:04:22 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8462776401672866263; Expires=Thu, 04-Jan-2024 21:04:23 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8462776401672866263; Expires=Thu, 04-Jan-2024 21:04:23 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1704402263.yc.1672866263#1704402263.yrts.1672866263#1704402263.yrtsi.1672866263; Expires=Thu, 04-Jan-2024 21:04:23 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 04-Jan-2023 21:04:23 GMT
last-modified: Wed, 04-Jan-2023 21:04:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/metrika_match.html
87.250.251.119200 OK 696 B URL HTTP/2 mc.yandex.ru/metrika/metrika_match.html
IP 87.250.251.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (540)
Hash 784e2d6c9868e5d3aca06efb9fc6bdd2
9496aba69de55c6b74b1494d0479772a28a7f29c
cf75bbfd28015ee0303483f2224ef09129135c7487ddb6537f999b6095619698
GET /metrika/metrika_match.html HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mermaids.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 696
date: Wed, 04 Jan 2023 21:04:23 GMT
access-control-allow-origin: *
etag: "63ae6ee1-2b8"
expires: Wed, 04 Jan 2023 22:04:23 GMT
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
cache-control: max-age=3600
content-encoding: br
content-type: text/html
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 6ab4b3feb3482c34a56b45a3d0fdad06
45cc7cae3d897a5e6287dc6bf21fc2c7b5f014d7
6c11fdfdfb4fb40c71620a83c691a3355319d18a2bcf7f11a562c1fcc88a5cdd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 21:04:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 08 Jan 2023 19:35:47 GMT
ETag: "45cc7cae3d897a5e6287dc6bf21fc2c7b5f014d7"
Last-Modified: Wed, 04 Jan 2023 19:35:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2667
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7846ed225a2a0afe-OSL
adfstat.yandex.ru/metrica?id=651941035
87.250.250.145200 OK 15 B URL HTTP/1.1 adfstat.yandex.ru/metrica?id=651941035
IP 87.250.250.145:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0c776997933eb60833b37beaf43814c8
bff63526eb02853c6b414ccfb4d00ac9ca283930
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
GET /metrica?id=651941035 HTTP/1.1
Host: adfstat.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc.yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 21:04:23 GMT
Content-Type: application/json
Content-Length: 15
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=10, immutable
mc.yandex.ru/webvisor/88811073?wmode=0&wv-part=1&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=710825461&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672866256%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210416%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866256&t=gdpr(14)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/88811073?wmode=0&wv-part=1&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=710825461&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672866256%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210416%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866256&t=gdpr(14)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/88811073?wmode=0&wv-part=1&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=710825461&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672866256%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210416%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866256&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 171989
Origin: https://mermaids.su
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 04 Jan 2023 21:04:26 GMT
access-control-allow-origin: https://mermaids.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 04-Jan-2023 21:04:26 GMT
last-modified: Wed, 04-Jan-2023 21:04:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/88811073?wmode=0&wv-part=1&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=671817601&wv-type=3&browser-info=we%3A1%3Aet%3A1672866257%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210416%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866257&t=gdpr(14)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/88811073?wmode=0&wv-part=1&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=671817601&wv-type=3&browser-info=we%3A1%3Aet%3A1672866257%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210416%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866257&t=gdpr(14)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/88811073?wmode=0&wv-part=1&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=671817601&wv-type=3&browser-info=we%3A1%3Aet%3A1672866257%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210416%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866257&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://mermaids.su
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 04 Jan 2023 21:04:26 GMT
access-control-allow-origin: https://mermaids.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 04-Jan-2023 21:04:26 GMT
last-modified: Wed, 04-Jan-2023 21:04:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/88811073?wv-check=47185&wv-type=0&wmode=0&wv-part=1&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=625342511&browser-info=we%3A1%3Aet%3A1672866258%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210418%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866258&t=gdpr(14)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/88811073?wv-check=47185&wv-type=0&wmode=0&wv-part=1&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=625342511&browser-info=we%3A1%3Aet%3A1672866258%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210418%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866258&t=gdpr(14)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/88811073?wv-check=47185&wv-type=0&wmode=0&wv-part=1&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=625342511&browser-info=we%3A1%3Aet%3A1672866258%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210418%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866258&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://mermaids.su
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 04 Jan 2023 21:04:28 GMT
access-control-allow-origin: https://mermaids.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 04-Jan-2023 21:04:28 GMT
last-modified: Wed, 04-Jan-2023 21:04:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/88811073?wmode=0&wv-part=2&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=672735471&wv-type=3&browser-info=we%3A1%3Aet%3A1672866258%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210418%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866258&t=gdpr(14)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/88811073?wmode=0&wv-part=2&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=672735471&wv-type=3&browser-info=we%3A1%3Aet%3A1672866258%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210418%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866258&t=gdpr(14)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/88811073?wmode=0&wv-part=2&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=672735471&wv-type=3&browser-info=we%3A1%3Aet%3A1672866258%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210418%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866258&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://mermaids.su
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 04 Jan 2023 21:04:28 GMT
access-control-allow-origin: https://mermaids.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 04-Jan-2023 21:04:28 GMT
last-modified: Wed, 04-Jan-2023 21:04:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/88811073?wmode=0&wv-part=2&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=904061121&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672866258%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210418%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866258&t=gdpr(14)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/88811073?wmode=0&wv-part=2&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=904061121&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672866258%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210418%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866258&t=gdpr(14)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/88811073?wmode=0&wv-part=2&wv-hit=651941035&page-url=https%3A%2F%2Fmermaids.su%2F&rn=904061121&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672866258%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230104210418%3Au%3A1672866253126868014%3Avf%3Asm0eap24hzlr84c06srfr%3Ast%3A1672866258&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: https://mermaids.su
Connection: keep-alive
Referer: https://mermaids.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 04 Jan 2023 21:04:28 GMT
access-control-allow-origin: https://mermaids.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 04-Jan-2023 21:04:28 GMT
last-modified: Wed, 04-Jan-2023 21:04:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2